A spate of scareware apps that trick users into buying useless hard disk repair tools appears to be part of a concerted campaign to push fake ‘defrag’ software, a security company has said. A spate of scareware apps that trick users into buying useless hard disk repair tools appears to be part of a concerted campaign to push fake ‘defrag’ software, a security company has said.The Internet abounds with Windows utilities, usually free, some not very good. Users have an unquenchable appetite for them.According to a GFI-Sunbelt Security blog, a new type of bogus disk software has suddenly become very common on the back of this, with a clutch of convincing examples appearing in recent weeks.Users encountering new examples HDDRepair, HDDRescue and HDDPlus should ignore them. They are bogus applications that claim to defragment a user’s hard disk even though such a requirement is barely needed given that Windows does a lot of this work behind the scenes anyway. The apps will, however, claim that a user’s hard disk is riddled with problems, as will the slightly older examples UltraDefragger, ScanDisk, Defrag Express and WinHDD. Sorting out the non-existent issue can cost anything from $20 and up.Such apps have been around for some time in fact but have simply been less documented compared to the fake antivirus programs that have caused chaos on the Internet in the last two years. The phenomenon of fake software is now deeply entrenched on the Internet and criminals have even taken to aping the way security companies are creating all-purpose security programs. Fake apps adopting this verisimilitude tactic include PCoptomizer, PCprotection Center and Privacy Corrector.A quick trawl of Google reveals that all of the above scareware examples are easy to encounter. So how does a user tell the real and useful from the fake and expensive?Depending on the type of app, it is sometimes easier to consult lists of real apps that worry about working out which ones aren’t genuine.As the author points out, the overworked Virus Total is one site that allows files and URLs to be checked against known rogue lists, while certification company ICSA Labs publishes a separate, more high-level list of known vendors. These are not perfect warning systems however. Rogue URLs change constantly and might not be spotted by Virus Total, for instance. Related content news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software news SpecterOps to use in-house approximation to test for global attack variations The new offering uses atomic tests and in-house approximation in purple team assessment to test all known techniques of an attack. By Shweta Sharma Sep 28, 2023 3 mins Penetration Testing Network Security Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe