"The scareware is intimidating to most users and extremely aggressive in its attempt to lure the user into purchasing the rogue software that will allegedly remove the viruses from their computer. It is possible that these threats are received as a result of clicking on advertisements contained on a website. Cyber criminals use botnets to push the software and use advertisements on websites to deliver it. This is known as malicious advertising or malvertising.
Once the pop-up appears it cannot be easily closed by clicking "close" or the "X" button. If the user clicks on the pop-up to purchase the software, a form is provided that collects payment information and the user is charged for the bogus product. In some instances, whether the user clicks on the pop-up or not, the scareware can install malicious code onto the computer. By running your computer with an account that has rights to install software, this issue is more likely to occur."
The estimated financial losses to customers caused by scareware, greatly outpace the revenues generated by spam in general, which due to its epic proportions is wrongly considered as a largely profitable cybercrime endeavor. From a cybercriminal's perspective, the conversion rate of exposed and infected with scareware users, looks much more favorable than the conversion rate of millions of users who clicked on a spam message, but purchased nothing.
What was the the single most important event that took place during 2009, and indicated the cybercrime underground's long-term ambitions into developing the scareware business model?
You know that scareware is a "game changer", when the Conficker botnet decides to temporarily join the business model, instead of relying on spam campaigns as a revenue source.
Throughout the entire 2009, scareware successfully matured as a fraud scheme, and positioned itself as one of the most profitable monetization tactics applied by cybercriminals. The fraud tactic is prone to escalate in 2010 due to a single fact - it's profitable and the business model has already been positioned as a cash cow in Cisco's Cybecrime Return on Investment Matrix.