There’s a type of threat that doesn’t breach firewalls or steal data directly, but still causes panic, support calls, and serious disruption. It’s called scareware.
Law firms are no strangers to this. The typical scam: an alert appears, warning you that “your PC is infected, your files are locked, and/or your browser has been compromised.” The screen locks up. The warning tells you to “call Microsoft” immediately or click an “Install Now” button to repair the problem.
Scareware isn’t new, but the methods used are changing. Scareware relies on fear and confusion by copying the look and the tone of true security alerts.
It makes even calm attorneys feel like their entire caseload might vanish with a click. While scareware rarely installs real malware on it’s own, it often leads users to call fake support lines, download unwanted apps, or hand over sensitive information.
The damage is rarely technical. It’s operational.
A frozen browser. A call to IT. Lost hours. Shaken trust.
A recent defense tool developed by Microsoft is the “Scareware Blocker in Microsoft Edge.”
What it does
The Scareware Blocker is designed to stop known scareware tactics before they trigger a crisis.
It catches suspicious scripts and behaviors by such scam pages and blocks them even before they begin running. Think of it like a filter that catches fake error pages, forced full-screen takeovers, and urgent pop-ups before they load.
It doesn’t replace your antivirus or endpoint protection. It works silently within the browser itself, targeting the specific tricks scareware relies on. Because the majority of scareware lives in your browser-mostly during web searches, ad clicks, or typosquatted URLs-this blocker addresses the attack surface directly.
How to use it
The feature is currently available in Microsoft Edge version 122 or later. It’s not enabled by default yet. To turn it on:
- Open Microsoft Edge.
- Click the 3 dots in the upper right corner, then select Settings. From there select “privacy, search, and services” on the left.
Alternately you can type “edge://settings/privacy” in the address bar to go straight there. - Scroll to “Security”.
- Look for “Scareware blocker protection” and toggle it on.
- Additionally you should turn on “Block sites detected as scams” to ensure those sites get blocked and prevents exposure.
You can also opt to share detected scams with Microsoft if you wish.
A better way to handle this is for IT administrators to use Group Policy or Intune to implement organization wide policies This allows firms to enable the setting across all user devices without individual configuration.
Why this matters for your firm
Scareware may seem like a nuisance rather than a threat, but in a legal setting, even small disruptions can cascade. A managing partner views a false ransomware notice and freezes during a deposition. A junior associate calls a phantom technical support number and unwittingly grants a hacker access. A paralegal’s browser freezes, and everyone is unable to view the docket on time.
It’s not just the scareware. It’s the response to it that causes the damage. The blocker helps prevent those fake warnings completely.
Most firms rely heavily on Microsoft tools. Outlook, Word, Teams, and SharePoint file storage often run through the Edge browser. That makes Edge a frontline environment for both productivity and risk. Having a tool built into that environment reduces dependence on third-party filters or post-incident cleanups.
Who should enable it
Simple answer: everybody. Any firm with staff who spend time on the web; researching, reviewing, or remotely accessing systems, should consider enabling the blocker.
It’s especially useful for firms where IT support is outsourced or distributed, and response time to browser issues can affect billable work.
It adds no cost and minimal complexity but helps eliminate one of the most emotionally disrupting forms of browser-based manipulation.
What it doesn’t do
The blocker doesn’t cover phishing emails, malicious downloads, or broader endpoint threats. This isn’t a security stack replacement. It’s just one piece of a layered protection plan. Quietly preventative. There when you need it. Easy to overlook but it can save you hours of stress.
Scareware thrives on panic and imitation. Microsoft’s blocker works because it prevents that panic from ever starting. For law firms already stretched thin trying to stay secure and efficient, it’s one less interruption to manage. One more thing you don’t have to explain twice.