Real Software Update vs Fake Update Scam
How to tell a genuine operating system or application update from a fake update prompt designed to install malware.
Last reviewed: 1 June 2026
Fake update prompts exploit one of the best security habits users have: keeping software up to date. They appear as realistic browser overlays or pop-ups claiming your browser, media player, or operating system is dangerously out of date and must be updated immediately. Clicking download installs malware, adware, or remote-access tools instead of a real update. Legitimate updates never come from websites; they arrive through your device's own update system or within the application itself. That single distinction eliminates most fake update risk before you ever click anything.
Side-by-side comparison
| Real software update | Fake update | |
|---|---|---|
| Source | Updates come through the OS update manager or within the app itself | Update prompt appears in a browser window on a website |
| Trigger | Updates available on a regular schedule or after a known release | Urgent 'critical update required now' at an unexpected moment |
| Download location | Downloads from the official app store or the application's internal updater | Downloads an executable file from a third-party or unfamiliar domain |
| Permissions | Requires the standard system permissions for updates | Asks for unusual permissions — remote access, microphone, location |
| Verification | Update version verifiable against the developer's official release notes | No verifiable match to any official release |
| Urgency | Can be postponed; system stays functional without immediate action | 'Your device is at risk — update NOW or face damage' |
Common red flags
- Software update prompt appearing inside a browser window on a website
- Update download from a domain other than the developer's official site
- Extreme urgency language about security threats or device damage
- Installer asks for unusual permissions unrelated to the software being updated
- Prompt appears immediately after visiting an unfamiliar or low-quality website
- Update requires disabling existing security software before installing
Verification steps
- Close the browser prompt and check for updates through your device's official update settings or the application's own menu
- Verify whether the update version mentioned matches a release on the developer's official website
- Only download software from official sources — the app's own updater, your OS update manager, or the official developer website
- Keep your real OS and software updated through official channels so fake urgency is easy to dismiss
What not to do
- Don't download updates from a browser pop-up or website overlay
- Don't install executables that arrive without you initiating the update process
- Don't disable antivirus or security tools at an installer's request
- Don't assume a professional-looking update dialog is genuine — appearance is trivially faked
A safe response
Close the browser window or tab. Check your actual device update settings and the application in question to see whether a real update is available. If you already installed something, run a full scan with your legitimate security software and consider seeking further advice.
Frequently asked questions
Can a website tell whether my software is really out of date?
Not reliably. Websites can detect your browser type and version, but they cannot comprehensively assess your device's patch state. A web page claiming a 'critical' system update is almost always a scam prompt.
What if my real browser does prompt me to update?
Modern browsers update themselves automatically through their own internal mechanisms, not through web-page pop-ups. If a prompt appears inside a web page, treat it with suspicion regardless of how realistic it looks.
I already installed the fake update — what do I do?
Disconnect from the internet, run a full scan with reputable security software, and change passwords for important accounts from a different device. If you granted remote access during the installation, follow the remote-access scam recovery steps.