Jump to content

WHAT THE HECK HAPPENED?


PA.Dutchman
 Share

Recommended Posts

WHAT THE HECK HAPPENED?  I was reading the newspaper on our local Digital Newspaper site, I have a subscription to the newspaper, WHEN SUDDENLY A FLASHING PAGE TOOK OVER MY SCREEN ANNOUNCING I WAS INFECTED BY A PORNOGRAPHIC MALWARE AND IT GAVE A PHONE NUMBER TO CALL IMMEDIATELY. 

It took a while to shut it down and I am running a Malwarebytes Scan, HOWEVER what surprised me is that Malwarebytes hadn't stopped it or warned me before or during this almost like a hijacking of the screen. 

The scan came up clean, WHAT WAS THAT I NEVER HAD ANYTHING LIKE THAT BEFORE, it wasn't easy to shut it down quickly and I was our newspapers' subscription site, it is suppose to be a safe site or they are going to have people drop their subscriptions.

Link to post
Share on other sites

Similar to these ?

I have created a 1series of videos generated from these kinds of fraud sites for the purposes of recognition and education.  They are all  videos from real web sites.  ALL are FRAUDS.

All these have one thing in common and they have nothing to do with any software on your PC.  They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened.  From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds.

 

Chances are the Digital Newspaper had advertisements embedded on the web page you were reading.  The advertisement may be randomized or rotated-in in a specific order and with the series of advertisements could be a malvertisement that included the HTML.FakeAlert you were presented.

To block the site MBAM has to know the IP address and/or URL to be blocked.  I see hundreds of these fraud sites every day.

If you can provide the URL of the FakeAlert, we can submit it to Malwarebytes so it can be blocked.

 

MalwareScam.wmv
MalwareScam-1.wmv
MalwareScam-2.wmv
MalwareScam-3.wmv
MalwareScam-4.wmv
MalwareScam-5.wmv
MalwareScam-6.wmv

I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf  /  Flash Version


Reference:   
US FBI PSA - Tech Support Scam

 



1.  Also located at "My Online Security" - Some videos of typical tech support scams

 

Edited by David H. Lipman
Link to post
Share on other sites

Thank you very much, I am going to pass this on to the News Paper support site.

I am immediately reminded of my earliest days on the ORIGINAL SMART COMPUTING FORUM. Those GREAT AND SKILLED MEMBERS ALL TOLD US NOVICES "GET MALWAREBYTES TODAY!!!" We did and it continues to be money WELL SPENT!!

AGAIN THANK YOU.

Edited by PA.Dutchman
Link to post
Share on other sites

This is the story and the NEWSPAPER PAGE I was reading when this all went down, I was if anything moving the story to continue reading and I am guessing one of the ads may have engaged from my pointer. It started up immediately and it gave little chance of quickly shutting it down. I may have the BROWSER HISTORY, it happened so fast I think I deleted the BROWSER HISTORY thinking it might eliminate any connection to our PC.

http://www.mcall.com/news/breaking/mc-nws-pa-7-marty-nothstein-news-conference-20180817-story.html

 

Link to post
Share on other sites

  • Staff

There is one "news" site I go to often.  I put that in quotes because I think it is more of an opportunity for children who think they are editors to in fact show they are not. I digress.  There are tons of ads on many sites, by design.  Websites that want to keep you on their site bog you down with ads, presuming that you will find some that bring them added revenue.  As David has said, ads can also be malvertisements.  Ad services generally mismanage memory severely, causing memory leaks (ever-increasing memory usage) and with that, opportunities for malware to actually get a foothold on your computer.  The best thing to do (in general) is to use reputable ad blockers.  Some web pages that you go to may deny you access if they can't spew garbage at you, but I have managed to survive with other sources for the same information.  There are also other ways, but they require intermediate to advanced computer knowledge.

Until they care as much about my internet experience as I do, I will use ad blockers and other means to keep what I described and what you described out of my world.

Link to post
Share on other sites

  • Staff

Just for future reference, Malwarebytes now has a browser extension available for Chrome and other Chromium based browsers (like SRWare Iron etc.) as well as Firefox that should block these kinds of sites among other things.  In addition to using the same blocking databases used by Malwarebytes Web Protection component to block known malicious sites, it also includes additional behavior based technology to block new and unknown tech support scam sites like the one you encountered as well as other threats and undesirable items not currently targeted by Malwarebytes 3, including blocking several ads as well as tracking servers to protect your privacy.  The extension is in beta and is currently available for free.  You can find out more and download it via the links below:

Chrome
Firefox

I also have the same links in my signature currently.  I've been using the extension for several months now, and since that time I haven't had a single incident where a tech support scam page was able to take over my browser/system.  Each time they tried they were blocked by the new browser extension :) .

Edited by exile360
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.