Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Pop-Up Security Warnings Pose Threats
FBI.gov - Press Release ^ | December 11, 2009 | n/a

Posted on 12/11/2009 3:23:19 PM PST by Cindy

Note: The following text is a quote:

Pop-Up Security Warnings Pose Threats

The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain scareware, fake or rogue anti-virus software that looks authentic.

The message may display what appears to be a real-time, anti-virus scan of your hard drive. The scareware will show a list of reputable software icons; however, you can’t click a link to go to the real site to review or see recommendations. Cyber criminals use botnets—collections of compromised computers—to push the software, and advertisements on websites deliver it. This is known as malicious advertising or “malvertising.”

Once the pop-up warning appears, it can’t be easily closed by clicking the “close” or “X” buttons. If you click the pop-up to purchase the software, a form to collect payment information for the bogus product launches. In some instances, the scareware can install malicious code onto your computer, whether you click the warning or not. This is more likely to happen if your computer has an account that has rights to install software.

Downloading the software could result in viruses, malicious software called Trojans, and/or keyloggers—hardware that records passwords and sensitive data—being installed on your computer. Malicious software can cause costly damages for individual users and financial institutions. The FBI estimates scareware has cost victims more than $150 million.

Cyber criminals use easy-to-remember names and associate them with known applications. Beware of pop-up warnings that are a variation of recognized security software. You should research the exact name of the software being offered. Take precautions to ensure operating systems are updated and security software is current. If you receive these anti-virus pop-ups, close the browser or shut down your computer system. You should run a full anti-virus scan whenever the computer is turned back on.

If you have experienced the anti-virus pop-ups or a similar scam, notify the Internet Crime Complaint Center (IC3) by filing a complaint at www.ic3.gov.


TOPICS: Computers/Internet; Reference
KEYWORDS: computers; getamac; internet; popups; scareware

1 posted on 12/11/2009 3:23:22 PM PST by Cindy
[ Post Reply | Private Reply | View Replies]

To: Cindy

This sounds “fishy”. I’m sending it to Flag@whitehouse.gov.


2 posted on 12/11/2009 3:27:06 PM PST by Uncle Miltie (America, 1776 - 2009. R.I.P.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

When the Federal Government and the rest of the world start treating the criminals who promulgate these malicious codes to the rest of the world by EXECUTING THEM, the sooner they will stop. This ‘malicious’ term needs to be called the spade that it really is; a case can be made for many instances of it as being an offense equal to causing actions and consequences on the same scale as murder..


3 posted on 12/11/2009 3:28:20 PM PST by Gaffer
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

“Downloading the software could result in viruses, malicious software called Trojans, and/or keyloggers—hardware that records passwords and sensitive data—being installed on your computer.”

A download that can install hardware, not THAT is cool and creative!


4 posted on 12/11/2009 3:28:29 PM PST by elpinta (Change: check. Hope: not so much.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

The FBI is all over it. Freeper experts, how long has this exact item they describe been around?


5 posted on 12/11/2009 3:31:20 PM PST by John W (The more predictable we are, the more vulnerable we are.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

I had one of these pop-ups recently while I was on Facebook.


6 posted on 12/11/2009 3:31:42 PM PST by Bigg Red (Palin/Hunter 2012 -- Bolton their Secretary of State)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy
I have been seeing this for what seems like at least two years. When they pop up, I don't attempt to close it (I think that just activates it even more). The FBI doesn't tell you what to do when this happens. I click the Start button and do a restart, then an anti-virus rescan.

It seems that the bad guys keep making little modification that can get past McAfee and Microsoft Security Essentials that I have had as protection.

7 posted on 12/11/2009 3:36:02 PM PST by Seizethecarp
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bigg Red
I got it too. Didnt download anything but still has to crash it. Luckily I had a back up computer.

It's a beast. The one I got is in the root and its win32/vundo

8 posted on 12/11/2009 3:37:13 PM PST by IllumiNaughtyByNature (3V3Ry71N' 084M4 D03z 83N3f17Z MU5l1mz. c01NC1d3nc3?)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Seizethecarp

“The FBI doesn’t tell you what to do when this happens.”

Whoops! Yes they do, but I wouldn’t even try to close the browser but just go straight to restart!


9 posted on 12/11/2009 3:38:39 PM PST by Seizethecarp
[ Post Reply | Private Reply | To 7 | View Replies]

To: Seizethecarp

Just do an Alt + F4


10 posted on 12/11/2009 3:39:17 PM PST by tired1 (When the Devil eats you there's only one way out.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Seizethecarp

I dont use McAfee, havent had a problem since I switched.


11 posted on 12/11/2009 3:39:56 PM PST by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Seizethecarp

Yes, I never click on those, close them, etc.

I “force quit”, do a virus check, restart.


12 posted on 12/11/2009 3:40:14 PM PST by Cindy
[ Post Reply | Private Reply | To 7 | View Replies]

To: Cindy

A warning about something like that came out about a month or two ago from I think, ZDNET maybe. Anyway, it suggested not clicking on anything and just x ing out of your browser altogether because it said clicking on any part of the pop up could start a download to your computer of a virus.

I had one pop up on me when I was on myspace last week or so, and I took ZDNET’s advice and x ed out of my browser and then brought it back up and I was ok doing that.


13 posted on 12/11/2009 3:42:39 PM PST by GloriaJane (http://www.last.fm/user/GloriaJane)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All

ON THE INTERNET:

http://www.us-cert.gov/cas/tips/index.html
“Cyber Security Tips”


14 posted on 12/11/2009 3:43:23 PM PST by Cindy
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

Had this a couple of times last month. Had to shut down the entire computer. When re-booting all was well.


15 posted on 12/11/2009 3:49:31 PM PST by Carley (OBAMA IS A MALEVOLENT FORCE IN THE WORLD)
[ Post Reply | Private Reply | To 1 | View Replies]

To: John W

Geez........I got hit by this about 5 years ago......some offshoot of “Spy Sheriff.”


16 posted on 12/11/2009 3:50:25 PM PST by JoeDetweiler
[ Post Reply | Private Reply | To 5 | View Replies]

To: Bigg Red

Got two virus notices from my ISP. Both sent from Facebook.

I have now permanently exited Facebook.


17 posted on 12/11/2009 3:50:31 PM PST by Carley (OBAMA IS A MALEVOLENT FORCE IN THE WORLD)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Cindy
My daughter in law got into this last week...........It infected almost every file on this, the "public" computer here at the house.

Before anyone at Christmas touches a computer or electronic system I am having one hell of a family meeting.

18 posted on 12/11/2009 3:54:14 PM PST by Kakaze (Exterminate Islamofacism and apologize for nothing.....except not doing it sooner!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

uh i just had an incident last friday at work. just doing a google search for a work analysis and this malware ADVANCED VIRUS REMOVAL attached itself to my pc. it was incredibly aggressive. by the time the IT department helped me remove this puppy it had added 13 trojans and other forms of malware to my pc. i am thankful i at least knew what it was immediately but our corporate security product couldn’t remove it. we had to download a free product from malwarebytes.


19 posted on 12/11/2009 4:04:21 PM PST by applpie
[ Post Reply | Private Reply | To 14 | View Replies]

To: Uncle Miltie
Happened to my wife a couple of days ago. Fortunately, she called me before doing anything. We have one Windows laptop in the house, and she was surfing the net. A popup Window said "you have 365 viruses and 92 Trojans."

The tricky part was that closing the window activated another popup window. I force closed Firefox and ran Adaware. It showed one trojan that was downloaded approximately the time she hit the site with the popup ad.

One thing I found out was that legitimate sites can have these things if they work with a third party ad agency. The script for the popup is in the ad.

20 posted on 12/11/2009 4:12:23 PM PST by Richard Kimball (We're all criminals. They just haven't figured out what some of us have done yet.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Cindy
If you happen to get one of these unwanted "pop-ups," the safest thing to do is open your task manager (usually by hitting "Control-Alt-Delete") and ending the web browser program. It's a pain, but I've seen cases where these pop-ups are NOT regular windows pop-ups, and trying to close them will actually trigger them. You will, however, lose ALL your browser windows, but it's the safest thing to do.

Mark

21 posted on 12/11/2009 4:18:08 PM PST by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Carley

Bump.


22 posted on 12/11/2009 4:39:10 PM PST by Cindy
[ Post Reply | Private Reply | To 15 | View Replies]

To: Cindy

I had this happen to a laptop a few months ago. Even though I recognized it as malware and tried to close down, it infected my machine. It prevents you from connecting to good security software sites that offer free malware cleaners. It also used my email address book to spam.

McAfee didn’t catch it. The laptop was totally hosed.

I’m using Kaspersky now. So far, so good...


23 posted on 12/11/2009 4:45:17 PM PST by LibFreeOrDie (Obama promised a gold mine, but will give us the shaft.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Seizethecarp
" I wouldn’t even try to close the browser but just go straight to restart!"

I do about the same, but I go to a hard 'off'. Some code survives in memory which stays powered up during a restart.

24 posted on 12/11/2009 4:52:00 PM PST by norwaypinesavage (The trouble liberals isn't that they are ignorant; it is that they know so much that isn't so.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: tired1

What does Alt + F4 do?


25 posted on 12/11/2009 4:53:16 PM PST by norwaypinesavage (The trouble liberals isn't that they are ignorant; it is that they know so much that isn't so.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: norwaypinesavage

It shuts down the active widow(s) until all the apps are shut down. Give it a try.


26 posted on 12/11/2009 4:56:03 PM PST by tired1 (When the Devil eats you there's only one way out.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Cindy

I had it. Couldn’t get rid of it. I went to a geek site and someone said to remove the Yahoo toolbar. I did that and I haven’t had a problem with it since.


27 posted on 12/11/2009 5:41:40 PM PST by diefree
[ Post Reply | Private Reply | To 1 | View Replies]

To: Kakaze

Are you still having any problems from the infection your DIL caught?

If so, you can try to do a system restore.


28 posted on 12/11/2009 6:38:49 PM PST by Canedawg (Bring lawyers, guns and money.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Canedawg
We have removed the virus. I hate to say it but 150 bucks and 4 hours with a norton tech and this computer is back.

I was going to just wipe it but the wife did not want to lose so many files.

We have up to 20 people here during the holidays and everyone was mad that I would allow access to only one computer.......now they are sheepishly not giving me any static over it.

29 posted on 12/12/2009 6:27:56 AM PST by Kakaze (Exterminate Islamofacism and apologize for nothing.....except not doing it sooner!)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Cindy

I fear what the future may require is having cheap disposable hard drives, when your files get corrupted you will have to toss them out immediately.

I have three computers lying around that are in running order but have so many software glitches I was forced to stop using them and I just bought another puter.

My old Win 98, a recent XP and this POS Vista that is really pissing me off, my wife just bought a Black friday steal of a puter with Windows 7 and I am so envious.

I stopped trying to buy all the best firewalls and crap, when its get bad I just stop using it and buy another puter, they go obsolete in 9 months or less anyway.


30 posted on 12/12/2009 6:36:09 AM PST by Eye of Unk (Would spring please arrive early, My new motorcycle awaits to run free and wild.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Kakaze

After you go thru something like that, you see how important it is to back up files, so your wife wont worry about losing them.

But if you ever catch a less dangerous trojan that messes with your settings, you can do a system restore after you get rid of it.

You should open up “system restore” on your PC and see how to do it now, in case you ever need to do it in the future, especially if you have a bunch of people using your PC and possibly playing with your settings. It is easy to do and can be a PC-saver, and may also avoid paying for techie help.


31 posted on 12/12/2009 6:41:53 AM PST by Canedawg (Bring lawyers, guns and money.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: John W

The title of the article rates a “Well...DUH!”


32 posted on 12/12/2009 7:07:55 AM PST by Bloody Sam Roberts (An armed man is a citizen. An unarmed man is a subject.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: All

blog:

http://ddanchev.blogspot.com/2010/03/scareware-sinowal-client-side-exploits.html

FRIDAY, MARCH 12, 2010
“Scareware, Sinowal, Client-Side Exploits Serving Spam Campaign in the Wild”
Posted by Dancho Danchev

SNIPPET: “AS50215 Troyak-as customers are back, with an ugly mix of scareware, sinowal, and client-side exploits serving campaign using the “You don’t have the latest version of Macromedia Flash Player” theme. Quality assurance is also in place this time, with the client-side exploit serving domains using a well known “function nerot” obfuscation technique in an attempt to bypass link scanners.

Let’s dissect the campaign, list all the typosquatted and spamvertised domains, the client-side exploit serving iFrames and the actual scareware.”


33 posted on 03/16/2010 4:25:51 PM PDT by Cindy
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson