dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1007

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

1 recommendation

antdude

Premium Member

What a fake antivirus attack on a trusted website looks like

»arstechnica.com/security ··· ks-like/ with an embedded YouTube video.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

1 recommendation

Blackbird

Premium Member

The first thing to check is the warning message's own language and grammar. If it's as off-the-wall as the "MSE pop-up" image in the article, it's guaranteed to be fake. Of course, that kind of quick check also requires the user know proper spelling and sentence construction. Just another reason, kids, to stay in school and pay attention in your English classes...

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

2 recommendations

Kilroy

MVM

said by Blackbird:

stay in school and pay attention in your English classes

[sarcasm]Wat U mean? U Nfectd isn't real?[/scarcasm]

Sad to say, the youth today, may not recognize a fake message with improper English due to not using it themselves.
dave
Premium Member
join:2000-05-04
not in ohio

dave to antdude

Premium Member

to antdude
I've seen that a few times. The obvious point for me is that the pop-up shows up in a window that either is titled 'message from web page' or says 'message from web page'. This makes it clear enough that the message is from... a web page... and not from Security Essentials.

I'm using IE9.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

1 recommendation

Snowy to antdude

Premium Member

to antdude
So far all the defenses against this have to do 'reading'.
Here's my 'read' on that.
Despite the thread's title, the people who could benefit from the advice are the same one's that will declare "I only go to trusted sites" when browsing this thread.
DarkSithPro (banned)
join:2005-02-12
Tempe, AZ

DarkSithPro (banned) to antdude

Member

to antdude
What if Microsoft and other vendors made a small change to their AV window, one that would put a unique identifier, or your email address on the anti-virus window that pops up. So if the real MSE or Norton popped up it would show your email, or identifier and if the fake one from a comprised site would not and you would know it's fake.
Moffetts
join:2005-05-09
San Mateo, CA

Moffetts to antdude

Member

to antdude
how do i avoided system crash
fartness (banned)
Donald Trump 2016
join:2003-03-25
Look Outside

fartness (banned) to antdude

Member

to antdude
This is 101...

jaykaykay
4 Ever Young
MVM
join:2000-04-13
USA

1 recommendation

jaykaykay

MVM

Of course it is, but not all people are beyond 101 or even at it. There are new computer users every day, and what seems like 101 material for you isn't for someone else. I think we all must realize that much as we would like to think everyone should know these things, they don't.
fartness (banned)
Donald Trump 2016
join:2003-03-25
Look Outside

1 recommendation

fartness (banned)

Member

I meant more of "this is 101 for many/most DSLR users"...

jaykaykay
4 Ever Young
MVM
join:2000-04-13
USA

jaykaykay

MVM

I really knew what you meant, but I never want to drive off anyone new with off hand comments.

Kilroy
MVM
join:2002-11-21
Saint Paul, MN

Kilroy to DarkSithPro

MVM

to DarkSithPro
said by DarkSithPro:

What if Microsoft and other vendors made a small change to their AV window

This would have to be done via user input, similar to some banking sites where you pick a picture and enter a phrase that are shown to you on your log in page so that you know that the site is the actual site and not a bad guy site with a similar look and feel. The problem is that this information would have to be stored locally and in a manner that it could only be called upon by the software that requested it.

donnawbarnes
join:2014-02-04
Los Angeles, CA

donnawbarnes to antdude

Member

to antdude
I've seen a lot of this and scams aren't usually hard to spot if you know the basics.

therube
join:2004-11-11
Randallstown, MD

therube to antdude

Member

to antdude
My first thought was (& it seems I'd forgotten), just what is www.youtube-nocookie.com?

> What if Microsoft and other vendors made a small change...

Click OK, click OK, proceed on with life.
No one bothers to look, much less even notice if they did.

> What a fake antivirus attack on a trusted website looks like

I can show you what a fake AV attack on an untrusted website looks like?
Oh, I see, the link is given in the first post .

Does anyone trust any site?
(IMO, you shouldn't. .)