Bonn  - Sometimes crooks disguise themselves as friends. That's exactly what's happening when you're surfing the web and suddenly see the warning message "Your computer is virus infected. Click here to receive the latest anti-virus software."

Beware! The warning is part of a new threat faced by computer users: scareware. Essentially, scareware is malicious software that pretends to be anti-virus software, but really wants to gain access to your computer.

These attempts have been increasing in number lately, says Frank Felzmann, an expert at the German Federal Agency for Security in Information Technology (BSI) in Bonn: "Estimates suggest that 4 to 5 million users are affected around the world," he says. Security software maker Steganos has counted one in 300 customers as already having to deal with scareware.

For many internet surfers, the temptation is clearly high to interpret the unsolicited warning as legitimate advice. This effect has even been confirmed in a recent study by the Institute for Psychology at North Carolina State University. During the study, unsuspecting users were shown clearly forged warnings. In 63 per cent of the cases, the test subjects accepted the reports - and actually downloaded the scareware.

"Lay users generally can't recognise scareware as such," says Daniel Bachfeld from Hannover-based c't magazine. The programs pretend to execute a deceptively realistic looking virus test - and naturally also discover viruses on the machine. The software then touts itself as the right solution.

There are various scareware variants. The most harmless type encourages the user to spend money on what is in fact completely useless software, but otherwise causes no further damages. Other scareware can be much more devious. It can act as a trojan horse program, opening back doors for unauthorised access to the affected system.

It's also possible to catch a virus without having actively downloaded files, BSI-expert Felzmann explains. JavaScript functions can sneak the little program files onto a computer while the user surfs the Web. "That's why you should deactivate active content like JavaScript for your browser," he says.

Some scareware programs offer uninstall routines. "The creators are attempting in this way to lend their programs an air of seriousness," Bachfeld suspects.

Yet it's not always easy to get rid of the uninvited guests. The viruses burrow deep into the computer's innards. In many case the system's registry is so strongly altered that the user has no option but to reinstall the entire operating system. (dpa)