Scareware scams: dodgy pop-ups containing malware

Alarming messages on your device claim that it's infected with a virus
Tali RamseySenior Writer

Tali writes about scams and consumer rights for Which? delving into fraud, technology and consumer rights topics to keep readers safe and empowered.

Scareware pop-ups, or notifications, suddenly appear on your device and tell you that it has been infected with malware - but don't worry, these can be ignored. 

Some reports of these scams claim the pop-ups appear with loud alert noises telling you that your device had been infected with viruses. Another said they received a pop-up claiming to be from Apple, which told them their Apple account was suspended for failing to adhere to its rules.

These malicious notifications can infiltrate your device after you've previously clicked on a dodgy link. Although they may seem alarming, you can safely ignore them.

Read on to discover what to do if you’re targeted by one of these pop-ups. 

Outsmart the fraudsters

free newsletter

Sign up for our free Scam Alerts service.

Our Scam Alerts newsletter delivers scams-related content, along with other information about Which? Group products and services. We won't keep sending you the newsletter if you don't want it – unsubscribe whenever you want. Your data will be processed in accordance with our privacy notice.

What is scareware?

Scareware is a type of scam that sees pop-ups appear on your phone, tablet or computer screen, saying that your device has been infected with viruses or malware.

The pop-ups typically feature a clickable button that claims to get rid of the malware or virus. Sometimes this button will say ‘start antivirus’ or ‘start scan’ to mislead you into clicking the link to rid your device of malware.

But these links will actually lead to malware being downloaded onto your device, or it may direct you to a phishing website that will trick you into entering your personal and financial information under the guise of getting rid of the malware.

A fake security alert pop-up impersonating McAfee
A fake security alert pop-up impersonating McAfee

Why you’re seeing pop-ups on your device

You’ve most likely followed a dodgy link from a text message, email or online advert. Sometimes, when you follow a link like this, your browser asks you to allow notifications. By pressing allow, you’re allowing the pop-ups to appear.

In 2024, Which? warned of hacked Facebook accounts being used by scammers to hide malicious links containing malware. Clicking one of these links would launch pop-ups impersonating antivirus company McAfee.

This is a tactic we see time and time again. In a more recent investigation examining how scammers exploit the online open-display advertising system to peddle scams, we experienced hundreds of pop-ups impersonating the antivirus companies Norton and McAfee

These pop-ups appeared after we followed a malicious advert for an eye test we found on the Mail Online website. The pop-ups claimed that we’d visited an ‘unsafe site with illegal content’ and were facing a ‘malware attack’. 

What to do with a scam pop-up on phones

If you're on your phone, you should stop the browser in your phone's app settings. On Android, go to Settings, Apps, select the browser's name ('Chrome', for example) and tap Force Stop.

On an iPhone: swipe up from the bottom of the screen or double-click the home button on older models. You should see all of the apps you have open. Swipe up on the browser with the pop-up to close it.

You should also clear your browsing data on the browser you were using when the pop-up appeared. You can do this by opening up the browser and clearing the data from either the history or the settings. Here, you can also stop the specific sites from sending you notifications, to prevent pop-ups from reappearing.

On Android: you should also run a Google Play Protect scan to check whether any malicious files have been downloaded. You can do this by opening the Google Play Store app, going to your profile, selecting Play Protect and tapping Scan.

How to get rid of pop-ups on your computer

On a Windows computer: If a dodgy pop-up appears on your Windows computer, don't click on it, and instead close your entire browser via the Windows Task Manager. To do this, use the keyboard shortcut Ctrl + Alt + Delete and select Task Manager from the options. Click the Processes tab and select your browser (such as Edge or Chrome) from the list of programs running, then choose End Task. Visit our guide for more detailed advice on how to stop and remove pop-ups on Windows

On a Mac: You can force quit the browser by pressing Option + Command + Esc simultaneously, selecting the frozen application, and clicking Force Quit.

You should make sure you have good antivirus software downloaded and run a scan as soon as you can. You should also make sure your devices are updated to the latest software available, to protect them from viruses. If you need further help, you can join Which? Tech for tailored 1-to-1 technical support. 

If you've lost any money or spot an unauthorised transaction on your account, you should contact your bank immediately using the number found on the back of your card. 

Scams should be reported to Report Fraud, or by calling the police on 101 if you live in Scotland.

Seen or been affected by a scam? Help us protect others

Sharing details of the scam helps us to protect others as well as inform our scams content, research and policy work. We will collect information relating to your experience of a scam, but we won't be able to identify your responses unless you choose to provide your contact details.

Share scam details

More on this