Pop-Up Security Warnings Pose Threats
Posted on 12/11/2009 3:23:19 PM PST by Cindy
Note: The following text is a quote:
Pop-Up Security Warnings Pose Threats
The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain scareware, fake or rogue anti-virus software that looks authentic.
The message may display what appears to be a real-time, anti-virus scan of your hard drive. The scareware will show a list of reputable software icons; however, you can't click a link to go to the real site to review or see recommendations. Cyber criminals use botnets (collections of compromised computers) to push the software, and advertisements on websites deliver it. This is known as malicious advertising or malvertising.
Once the pop-up warning appears, it can't be easily closed by clicking the close or X buttons. If you click the pop-up to purchase the software, a form to collect payment information for the bogus product launches. In some instances, the scareware can install malicious code onto your computer, whether you click the warning or not. This is more likely to happen if your computer has an account that has rights to install software.
Downloading the software could result in viruses, malicious software called Trojans, and/or keyloggers (hardware that records passwords and sensitive data) being installed on your computer. Malicious software can cause costly damages for individual users and financial institutions. The FBI estimates scareware has cost victims more than $150 million.
Cyber criminals use easy-to-remember names and associate them with known applications. Beware of pop-up warnings that are a variation of recognized security software. You should research the exact name of the software being offered. Take precautions to ensure operating systems are updated and security software is current. If you receive these anti-virus pop-ups, close the browser or shut down your computer system. You should run a full anti-virus scan whenever the computer is turned back on.
If you have experienced the anti-virus pop-ups or a similar scam, notify the Internet Crime Complaint Center (IC3) by filing a complaint at www.ic3.gov.
This sounds “fishy”. I’m sending it to Flag@whitehouse.gov.
When the Federal Government and the rest of the world start treating the criminals who promulgate these malicious codes to the rest of the world by EXECUTING THEM, the sooner they will stop. This ‘malicious’ term needs to be called the spade that it really is; a case can be made for many instances of it as being an offense equal to causing actions and consequences on the same scale as murder.
“Downloading the software could result in viruses, malicious software called Trojans, and/or keyloggers (hardware that records passwords and sensitive data) being installed on your computer.”
A download that can install hardware, now THAT is cool and creative!
The FBI is all over it. Freeper experts, how long has this exact item they describe been around?
I had one of these pop-ups recently while I was on Facebook.
It seems that the bad guys keep making little modifications that can get past McAfee and Microsoft Security Essentials that I have had as protection.
It's a beast. The one I got is in the root and it's win32/vundo
“The FBI doesn’t tell you what to do when this happens.”
Whoops! Yes they do, but I wouldn’t even try to close the browser but just go straight to restart!
Just do an Alt + F4
I don't use McAfee, haven't had a problem since I switched.
Yes, I never click on those, close them, etc.
I “force quit”, do a virus check, restart.
A warning about something like that came out about a month or two ago from I think, ZDNET maybe. Anyway, it suggested not clicking on anything and just x ing out of your browser altogether because it said clicking on any part of the pop up could start a download to your computer of a virus.
I had one pop up on me when I was on myspace last week or so, and I took ZDNET’s advice and x ed out of my browser and then brought it back up and I was ok doing that.
ON THE INTERNET:
“Cyber Security Tips”
Had this a couple of times last month. Had to shut down the entire computer. When re-booting all was well.
Geez........I got hit by this about 5 years ago......some offshoot of “Spy Sheriff.”
Got two virus notices from my ISP. Both sent from Facebook.
I have now permanently exited Facebook.
Before anyone at Christmas touches a computer or electronic system I am having one hell of a family meeting.
uh i just had an incident last friday at work. just doing a google search for a work analysis and this malware ADVANCED VIRUS REMOVAL attached itself to my pc. it was incredibly aggressive. by the time the IT department helped me remove this puppy it had added 13 trojans and other forms of malware to my pc. i am thankful i at least knew what it was immediately but our corporate security product couldn’t remove it. we had to download a free product from malwarebytes.
The tricky part was that closing the window activated another popup window. I force closed Firefox and ran Adaware. It showed one trojan that was downloaded approximately the time she hit the site with the popup ad.
One thing I found out was that legitimate sites can have these things if they work with a third party ad agency. The script for the popup is in the ad.
I had this happen to a laptop a few months ago. Even though I recognized it as malware and tried to close down, it infected my machine. It prevents you from connecting to good security software sites that offer free malware cleaners. It also used my email address book to spam.
McAfee didn’t catch it. The laptop was totally hosed.
I’m using Kaspersky now. So far, so good...
I do about the same, but I go to a hard 'off'. Some code survives in memory which stays powered up during a restart.
What does Alt + F4 do?
It shuts down the active window(s) until all the apps are shut down. Give it a try.
I had it. Couldn’t get rid of it. I went to a geek site and someone said to remove the Yahoo toolbar. I did that and I haven’t had a problem with it since.
Are you still having any problems from the infection your DIL caught?
If so, you can try to do a system restore.
I was going to just wipe it but the wife did not want to lose so many files.
We have up to 20 people here during the holidays and everyone was mad that I would allow access to only one computer.......now they are sheepishly not giving me any static over it.
I fear what the future may require is having cheap disposable hard drives, when your files get corrupted you will have to toss them out immediately.
I have three computers lying around that are in running order but have so many software glitches I was forced to stop using them and I just bought another puter.
My old Win 98, a recent XP and this POS Vista that is really pissing me off, my wife just bought a Black friday steal of a puter with Windows 7 and I am so envious.
I stopped trying to buy all the best firewalls and crap, when it gets bad I just stop using it and buy another puter, they go obsolete in 9 months or less anyway.
After you go thru something like that, you see how important it is to back up files, so your wife won't worry about losing them.
But if you ever catch a less dangerous trojan that messes with your settings, you can do a system restore after you get rid of it.
You should open up “system restore” on your PC and see how to do it now, in case you ever need to do it in the future, especially if you have a bunch of people using your PC and possibly playing with your settings. It is easy to do and can be a PC-saver, and may also avoid paying for techie help.
The title of the article rates a “Well...DUH!”
FRIDAY, MARCH 12, 2010
“Scareware, Sinowal, Client-Side Exploits Serving Spam Campaign in the Wild”
Posted by Dancho Danchev
SNIPPET: “AS50215 Troyak-as customers are back, with an ugly mix of scareware, sinowal, and client-side exploits serving campaign using the “You don’t have the latest version of Macromedia Flash Player” theme. Quality assurance is also in place this time, with the client-side exploit serving domains using a well known “function nerot” obfuscation technique in an attempt to bypass link scanners.
Let’s dissect the campaign, list all the typosquatted and spamvertised domains, the client-side exploit serving iFrames and the actual scareware.”