A clever malware attack

Midpack

Unfortunately hackers are getting better and better. If you use Firefox, you could fall for this very convincing enticement to compromise your PC. The most convincing effort I've seen so far, but I know Firefox doesn't update with random popups. Please don't...

2016-07-09-08-55-32-1fc384.png
 
Everyone should have spyware and virus protection on their computer. Once the malware gets a foothold on your computer system it is very difficult to get rid of it.
 
Yeah some of these browser popups reel you in. So easy to respond to the prompt before your brain registers what is going on. Many people will never even realize they made a mistake.
 
Unfortunately hackers are getting better and better. If you use Firefox, you could fall for this very convincing enticement to compromise your PC. The most convincing effort I've seen so far, but I know Firefox doesn't update with random popups. Please don't...
Thanks Midpack. I will show this to DW who came to me concerned yesterday with a voicemail from the IRS telling her she would get a court action and to respond to the phone number given :facepalm:.

I do use Firefox. I am guessing that having the popup blocker active would remove this threat. So how to run that popup blocker? Here is some introductory info which I had to review myself: https://support.mozilla.org/en-US/kb/pop-blocker-settings-exceptions-troubleshooting

Under that link is a link to pop up blocker settings: https://support.mozilla.org/en-US/k...ons-troubleshooting#w_pop-up-blocker-settings

You can turn the popup blocker off. Then in various web pages like your bank's, you can create exceptions easily that get put into the exceptions list.
 
Midpack, what was the action that took you to that web page?

I notice that the URL for that page starts with "feehacitysocializing.net". I don't always look at URLs but this is one clue to the observant.
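
The URL clue from the post above, written out as an explicit check (an added example, not part of the original thread): a link offering a browser update is accepted only when its host is an official domain or a dot-separated subdomain of one. The `mozilla.org` allowlist, the function name `classifyUpdateUrl`, and every sample link apart from the host quoted in the thread are assumptions constructed for illustration.

```javascript
// Added example, not from the thread. The allowlist is an assumption.
const OFFICIAL_DOMAINS = ["mozilla.org"];

// Decide whether a link offering a browser update points at an official host.
function classifyUpdateUrl(rawUrl, officialDomains = OFFICIAL_DOMAINS) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { verdict: "reject", reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { verdict: "reject", reason: "not https" };
  }
  // "https://www.mozilla.org@example.net/" goes to example.net: the part
  // before "@" is a username, not the site.
  if (url.username || url.password) {
    return { verdict: "reject", reason: "userinfo in URL" };
  }
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  // Match the whole host or a dot-separated suffix, never a substring:
  // "www.mozilla.org.example.net" and "notmozilla.org" must both fail.
  const official = officialDomains.some(
    (d) => host === d || host.endsWith("." + d)
  );
  if (official) return { verdict: "official", host, reason: "host matches allowlist" };
  const brand = officialDomains.some((d) => host.includes(d.split(".")[0]));
  return {
    verdict: "reject",
    host,
    reason: brand ? "lookalike host" : "unrelated host",
  };
}

// Constructed sample links; only the second host appears in the thread.
const SAMPLES = [
  "https://www.mozilla.org/en-US/firefox/new/",
  "https://feehacitysocializing.net/firefox-update",
  "https://www.mozilla.org.example.net/firefox",
  "https://www.mozilla.org@example.net/firefox",
  "https://notmozilla.org/download",
];

for (const s of SAMPLES) {
  const r = classifyUpdateUrl(s);
  console.log(`${r.verdict.padEnd(8)} ${r.reason.padEnd(22)} ${s}`);
}
```
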
 
I never update from a popup, but go to the official site instead. Same when I get a phone call with message left from cc wrt fraud. I again, always call the number on the cc rather than the one left on my answering machine.
 
I always (mostly) glance at a URL before I click on it, whether it's in an email or on a webpage. It's the best method of avoiding malware that I know of. However, that's not the usual practice. So much for counter-phishing training: Half of people click anything sent to them | Ars Technica

For those who admitted to clicking on the link, the majority said they did so out of curiosity. Half of those who didn't were warned off because they didn't recognize the sender's name, and a small minority avoided clicking because they were concerned about the privacy of the person who may have accidentally sent them the link. "I think that with careful planning and execution, anyone can be made to click on this type of link, even if it’s just out of curiosity," Benenson said.
Also, if you are interested to know if you've been affected by any of the major security breaches, you can go to https://haveibeenpwned.com/ and enter your email address or any usernames you use. They'll run it against the databases of compromised sites. The username part is probably not that valuable, since they get reused, but the email part is useful. It's a pretty cool app, and is run by a respected security dude. If you have any questions about it read the FAQ.

How do I know the site isn't just harvesting searched email addresses?

You don't, but it's not. The site is simply intended to be a free service for people to assess risk in relation to their account being caught up in a breach. As with any website, if you're concerned about the intent or security, don't use it.
As of the time of this post they have identified 138 pwned websites and almost a billion and a half pwned accounts. I came up with 1 on my email.
 
Side note: your desktop layout would drive me nuts.
 
Dollars to donuts that's not the OP's desktop (I too have fun with the details creating imaginary people, and some of the folders look like they're for a parent of an eagle scout candidate who is taking the ACT, and I don't think that defines the OP).
 
I had a similar window on Chrome this morning and closed it without clicking the link.
 
Midpack,

Thanks for the alert. I use Firefox and had I come across that pop up, probably would have fallen for the trick. Especially since not having much sleep the night before.
 
This happened to me a couple of times, when I was using a streaming radio site that required me to disable my ad blocker on that page if I wanted to listen. In my case it's not a popup. Rather, the browser just switches from the radio station page to the fake Firefox update page. I'm guessing this happens when the radio station page would be updating to show a new ad, but can't prove it. I can see how a lot of people would fall for this.
 
Thanks Midpack
I vaguely recall seeing that popup early this week. Could not recall if I had seen, so ran Malwarebytes. Sure enough there was malware. Now gone. It looked like one of them could have been serious.
Nwsteve
 
Thanks Midpack
I vaguely recall seeing that popup early this week. Could not recall if I had seen, so ran Malwarebytes. Sure enough there was malware. Now gone. It looked like one of them could have been serious.
Nwsteve
I wonder if Malwarebytes can detect this and warn. This app is one of the few I have paid for so it is always active.
 
I had an Adobe Flash pop-up recently. Almost clicked it reflexively. Glad I did not.
 
To me, this is about as convincing as having a stranger knock on the front door and say "Hey, can I see your wallet for a minute?"

If you ever get an unexpected prompt to save, run or do anything really, get out of the browser totally (and you should know how to kill it without clicking on any browser "prompts"). Then you can run any checks you want like Malwarebytes, etc. and go through your normal procedure for checking for Firefox updates or whatever it was trying to convince you to do. This is another reason people should use non-admin accounts on Windows as well, so you have to key in a password if something tries to update your system, not just click yes without thinking.
 
Twice in the past year, within a week of using an otherwise rarely used credit card, I received an email about the cards warning me of a security breach. In both cases it was a fraud. Yet, they seemed to be able to detect that the card had been recently used by me.

I have ripped Flash out of my MacBook. It's no longer worth the grief.
 
... This is another reason people should use non-admin accounts on Windows as well, so you have to key in a password if something tries to update your system, not just click yes without thinking.
Nowadays I'm running Firefox in my account as administrator. I've done this for years now. It would seem to me that setting my privileges to non-administrator would be a (major?) inconvenience. In Windows 10, wouldn't I have to switch users to do admin things?

It used to be (before Win 7 I think) that there was a way to run the browser as non-admin from an admin desktop. I think the term is sandboxing? This link might be relevant for Firefox sandboxing future possibilities: https://www.currentresults.com/Oceans/Temperature/pacific-ocean-temperature-california-summer.php

I don't mind saying that when it comes to security I have a lot of insecurities i.e. I am no expert. :cool: On a scale of 1 to 10, maybe I'd be at 7. But that is a log scale I think. ;)
 
I had an Adobe Flash pop-up recently. Almost clicked it reflexively. Glad I did not.

We took Adobe Flash out of all of our browsers. Too many security holes - constant updates.
 
Nowadays I'm running Firefox in my account as administrator. I've done this for years now. It would seem to me that setting my privileges to non-administrator would be a (major?) inconvenience. In Windows 10, wouldn't I have to switch users to do admin things?

Only very rarely (once a year, if that) have I found it necessary to log in as administrator. If I want to install software or updates it does prompt for the admin password but then it goes ahead as normal.

What that does do as was pointed out is make you pause and think "What is going on that needs administrator approval?" It makes it harder for malware to sneak in.
 