Jump to content

David H. Lipman

Experts
  • Content Count

    16,078
  • Joined

  • Days Won

    1

Everything posted by David H. Lipman

  1. No. As noted, these emails are sent en masse. What were the results here; https://haveibeenpwned.com/ ?
  2. If you were given the URL; https://id.yahoo.com You will get the Indonesian Language version of Yahoo!
  3. I don't, in any way shape or form, support Apple and Android. All I can say that the text was Indonesian and had Yahoo! related text. How the content was delivered to you is the key here. Was it an email ? If yes, I want to see the Full Headers and Body of the email ( aka; raw email ) Was it a web site ? If yes, I want to see the full URL. What happens if you "close" everything and go straight to; https://www.yahoo.com/ ?
  4. They are called FkeAlerts because these web sites falsely alert the site visitor to an event that does not or did not exist All these have one thing in common and they have nothing to do with any software on your PC. They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened or buy some software. In the case of Tech Support scammers, they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds. I have created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf / Flash Version They are all a kind of malicious advertisement ( aka; malvertisement ). Using Task Manager and Killing the; Edge, IExplore, Chrome, Firefox, etc, processes is very effective once you are affected by these FakeAlerts. Right now, to block it means Malwarebytes needs to know the URL to block. If you can provide the URL it can be added to the list for Malwarebytes sites to block. Submissions of suspect and malicious URLs can be performed in; Newest IP or URL Threats after reading; READ ME: Purpose of this forum Reference: McAfee FakeAlert Malwarebytes has created new Browser Add-Ons called Malwarebytes Browser Guard for Chrome and Firefox to mitigate FakeAlerts and other frauds. Browser Add-On references: Malwarebytes Browser Guard Malwarebytes Browser Guard Extension for Chrome Malwarebytes Browser Guard Extension for Firefox Reference: US FBI PSA - Tech Support Fraud US FTC Consumer Information - Tech Support Scams US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams Malwarebytes' Blog - Search on - "tech support scams" Malwarebytes' Blog - "Tech support scams: help and resource page" 1. Also located at "My Online Security" - Some videos of typical tech support scams
  5. Indonesian - Google translation based upon graphic OCR.
  6. The presence of a HTML file may indicate that this is not a HTML.FakeAlert but actually may be a Win32.FakeAlert. Web sites don't drop HTML files in %ProgramData% . That is why I have brought in another person so he can do a Log Analysis process with you.
  7. What is the Phone number you left out in Post #1 ? You can't just use the mouse and choose the file ( Highlight the file ) and hit the Delete key ? I am bringing on another person: PING @AdvancedSetup
  8. I don't know. I have not seen that. Maybe if you click on the running icon in the task bar you can bring the Task Manager Window to the forefront. The thing about Killing IEXPLORE.EXE process in the Task manager is that there will be several and with some, new IEXPLORE.EXE processes will be created. One has to be persistent to kill all of them. I suggest using Mozilla FireFox combined with Malwarebytes Browser Guard instead of IE if this is a recurring issue and you have not identified the web site that initiates the FakeAlert to avoid it.
  9. Yes. I have seen literally a few thousand and I have found malvertising URLs that will guarantee or almost guarantee a malvertisemt every time you "hit" that URL. These Microsoft HTML.FakeAlerts are specially crafted to "abuse" the browser and draw an ever increasing amount of resources. That dogs down the computer to what appears to be quite detrimental. Sometimes you have no choice but the hit the reset button. Other times you just have to have patience for your "Ctrl-Alt-Del" Hot Key sequence to get its change so you can kill the browser process. This abuse of Browser coding is done to lend credulity to their scam. The important thing to remember FakeAlerts ( as seen in my ScreenShow and/or videos ) emanate from the Internet. As such it is not about what software is on your PC but about what web sites you visit and one's browsing habits. For example there are certain porn sites that have a greater propensity to exhibit a FakeAlert. If you are on Windows, a Microsoft FakeAlert. If you are on an Apple iPhone or MAC, you will see an Apple FakeAlert. Then there are sites that don't care who they do business with when it comes to advertisement revenue. Or when one marketing company outsources to another. Then the malvertisement may be rotated in or randomly displayed. As I have explained in other discussions I have seen fake Mozilla Firefox malvertisements emanating from the Weather Channel web site. There was a case where members visited AllMusic.com and on rare occasions they got a Microsoft FakeAlert. The reports were few and reproducing it was difficult but finally I was able to coax a Microsoft FakeAlert from a visitation. It was all discussed in This Thread. Reference: Post #20 Therefore, think about your Browsing habits. If its reproducible, we can get it blocked. Using Malwarebytes Browser Guard can help mitigate the receipt and actions of a FakeAlert.
  10. It seems to be that issue to me. The Sub-Forum heading shows unread content but when you dig into it there is no unread content, You have to mark the Sub-Forum as Read.
  11. Yes. Seeing it Today. Shows Unread Content.... However... All Content has been viewed.
  12. Similar to these ? I have created a 1series of videos generated from these kinds of fraud sites for the purposes of recognition and education. They are all videos from real web sites. ALL are FRAUDS. All these have one thing in common and they have nothing to do with any software on your PC. They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened or buy some software. In the case of Tech Support scammers, they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds. MalwareScam.wmv MalwareScam-1.wmv MalwareScam-2.wmv MalwareScam-3.wmv MalwareScam-4.wmv MalwareScam-5.wmv MalwareScam-6.wmv I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf / Flash Version They are all a kind of malicious advertisement ( aka; malvertisement ). Using Task Manager and Killing the; Edge, IExplorer, Chrome, Firefox, etc, processes is very effective once you are affected by these FakeAlerts. Right now, to block it means Malwarebytes needs to know the URL to block. If you can provide the URL it can be added to the list for Malwarebytes sites to block. Submissions of suspect and malicious URLs can be performed in; Newest IP or URL Threats after reading; READ ME: Purpose of this forum Malwarebytes has created new Browser Add-Ons called Malwarebytes Browser Guard for Chrome and Firefox to mitigate FakeAlerts and other frauds. Browser Add-On references: Malwarebytes Browser Guard Malwarebytes Browser Guard Extension for Chrome Malwarebytes Browser Guard Extension for Firefox Reference: US FBI PSA - Tech Support Fraud US FTC Consumer Information - Tech Support Scams US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams Malwarebytes' Blog - Search on - "tech support scams" Malwarebytes' Blog - "Tech support scams: help and resource page" 1. Also located at "My Online Security" - Some videos of typical tech support scams
  13. The last I saw it was a couple of weeks ago. I'll pay attention to see if it is still current.
  14. @BenABT: Please reference; Malicious Document posted in Malware removal section I'll PING @AdvancedSetup to assist you with this thread.
  15. We'll see if @exile360 can give you some assistance on that.
  16. MBAM for WinXP - https://downloads.malwarebytes.com/file/mb3_legacy Malwarebytes support for legacy Windows XP and Vista Operating Systems
  17. A VPN is the way to go. It creates a virtual tunnel between your PC and the VPN Provider's network. You connect to the Hilton Hotel's network and then initiate the VPN. Subsequently all your traffic will be routed through and tunneled within the VPN connection and will emanate from the VPN Provider's network out to the Internet Web sites will see the VPN Internet Address ( IP Address ) not the Hotel's IP address. The Hotel personnel and other guests can not snoop on your activities. Assuming they tried, they would just see that you have a encrypted tunnel to the VPN Provider.
  18. MBAM's anti-exploit module will block the execution of HTML applications.
  19. Since there is no Font function in the Toolbar, the Font BBCode was all that was left. If Invision will no longer support the Font BBCode, then please add a Font Function to the Editor Toolbar. Xiexie ni Alex.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.