Jump to content
 

The non-railway and non-modelling social zone. Please ensure forum rules are adhered to in this area too!

Malicious pop up?

sb67

By sb67,
in Wheeltappers

 Share

Recommended Posts

AndrewC

AndrewC

Posted
Posted

Fairly common poor man’s scare ware attempt. Generally, what happens is a third party served advert is compromised so that when loaded it causes a redirect to the dodgy page. Harmless unless you click on anything. 

 

It is recommended practice to set your browser to NOT restore your previous sites so that if you have to nuke the session through the 3 finger salute or task manager, you don’t get the dodgy page reloading when you restart the browser. 

 

Sadly (for RMweb’s revenue) the safest way of stopping these p1ss poor redirect attempts is to use an ad blocker. 

Link to post
Share on other sites
sb67

sb67

Posted
  • Author
Posted
8 hours ago, AndrewC said:

Fairly common poor man’s scare ware attempt. Generally, what happens is a third party served advert is compromised so that when loaded it causes a redirect to the dodgy page. Harmless unless you click on anything. 

 

It is recommended practice to set your browser to NOT restore your previous sites so that if you have to nuke the session through the 3 finger salute or task manager, you don’t get the dodgy page reloading when you restart the browser. 

 

Sadly (for RMweb’s revenue) the safest way of stopping these p1ss poor redirect attempts is to use an ad blocker. 

 

Nice tip Andrew, how do you set your browser, using ms edge, to not restore previous sites?

Steve

Link to post
Share on other sites
AndrewC

AndrewC

Posted
Posted
42 minutes ago, sb67 said:

 

Nice tip Andrew, how do you set your browser, using ms edge, to not restore previous sites?

Steve

Other browsers have easy to get to settings for this but Edge is a bit different. 

https://help.getadblock.com/support/solutions/articles/6000152523-how-to-keep-microsoft-edge-from-reopening-the-previous-tabs-after-a-crash

 

This should help.  

Link to post
Share on other sites
  • RMweb Gold
RFS

RFS

Posted
  • RMweb Gold
Posted
21 hours ago, Ian J. said:

The grammar and general wording in the messages is pretty poor, so obviously fake. Of course, anyone who isn't knowledgeable, especially younger children, might fall victim to it.

 

And that's one good reason for having the account you use to browse the web being a standard account (ie without administrator privileges), especially if that account is being used by youngsters. That way, if a system change or software install is attempted, you will get a prompt for the admin password. I have a separate account called admin just for this purpose. 

  • Agree 3
Link to post
Share on other sites
sb67

sb67

Posted
  • Author
Posted
1 hour ago, johndon said:

Just got it again.

 

Looks like I'll be installing an ad blocker then...

 

Untitled.png

 About 2 minutes after reading your post I had exactly the same screen pop up! This was despite having Malwarebytes up and running.

Closed it all down and now using the In Private screen and looking for a suitable add blocker. 

Steve.

Link to post
Share on other sites
  • RMweb Premium
Ian J.

Ian J.

Posted
  • RMweb Premium
Posted

The main reason crappy malicious stuff gets through a browser is due to Javascript being universally allowed by too many browsers and the people that use them. If only it wasn't so heavily relied on then such things would be far less common. Think of JS in the browser as being code that someone else wrote without so much as a check through before it runs live on your computer. I know that's something I'd hate to ever do with an actual program - install it without any kind of virus check.

 

So, I reiterate for those who don't know me - I use Firefox with NoScript and see none of the crap from non-whitelisted third party sites.

Link to post
Share on other sites
Ben Alder

Ben Alder

Posted
Posted
7 hours ago, Ian J. said:

The main reason crappy malicious stuff gets through a browser is due to Javascript being universally allowed by too many browsers and the people that use them. If only it wasn't so heavily relied on then such things would be far less common. Think of JS in the browser as being code that someone else wrote without so much as a check through before it runs live on your computer. I know that's something I'd hate to ever do with an actual program - install it without any kind of virus check.

 

So, I reiterate for those who don't know me - I use Firefox with NoScript and see none of the crap from non-whitelisted third party sites.

 

This is where we miss Kenton - his antipathy to JS and much else of what floats round the ether has been very useful  to me....

  • Agree 3
  • Funny 2
Link to post
Share on other sites
SM42

SM42

Posted
Posted

I had the same message as the OP last week, again on RMWeb.

Being a bear of simple brain I used the age old and got to solution of most IT departments, the shut down an restart technique, followed by a scan that found nought

 

Been alright since (maybe spoke too soon here)  

 

I've had similar but different things pop up before on RMWeb but that may be just down to the fact it is the site I look at most and it could happen on any site. RMWeb just has a better chance of being open at the time 

 

All suggestions made up thread noted. Thanks everyone 

 

Andy

Link to post
Share on other sites
sb67

sb67

Posted
  • Author
Posted
12 hours ago, Ian J. said:

The main reason crappy malicious stuff gets through a browser is due to Javascript being universally allowed by too many browsers and the people that use them. If only it wasn't so heavily relied on then such things would be far less common. Think of JS in the browser as being code that someone else wrote without so much as a check through before it runs live on your computer. I know that's something I'd hate to ever do with an actual program - install it without any kind of virus check.

 

So, I reiterate for those who don't know me - I use Firefox with NoScript and see none of the crap from non-whitelisted third party sites.

 

I'm afraid this is where I start to get lost with it all and in theses days of more and more tech stuff I wish I didn't. SO...… I could download and use another browser with no effect to the running etc of my laptop etc and the only reason I use MS edge i'm guessing is because that was installed already so I've just got familiar with it? I'm also guessing different browsers have different properties etc? How do I not use JavaScript?

Steve.

Link to post
Share on other sites
  • RMweb Premium
Ian J.

Ian J.

Posted
  • RMweb Premium
Posted (edited)
1 hour ago, sb67 said:

 

...How do I not use JavaScript?

 

 

The simplest answer: you don't. The problem is that most websites now rely on Javascript for so much that they don't function properly with it fully switched off (which I think most browsers can still do, though I haven't checked recently). So you have to be careful and very cynical about any website you visit.

 

The more complex answer: find a browser (I use Firefox) that allows add-ins, and find an add-in that can block Javascript selectively (I use NoScript). Then get used to working out which domains to allow JS from (whitelisting). Unfortunately you also have to get used to dealing with websites that don't load fully, and also the annoying problem of, if you make purchases online, figuring out how to see the domains for payment services when they only appear when actually making the transaction. I'm kind of used to it, but can still struggle at times. There are 'temporarily allow' options in NoScript that can help in those times when you just accept all the domains for a site so you can get something done, but of course that opens up the usual issues for that time.

Edited by Ian J.
  • Thanks 1
  • Informative/Useful 1
Link to post
Share on other sites
AndrewC

AndrewC

Posted
Posted
1 hour ago, Ian J. said:

 

The simplest answer: you don't. The problem is that most websites now rely on Javascript for so much that they don't function properly with it fully switched off (which I think most browsers can still do, though I haven't checked recently). So you have to be careful and very cynical about any website you visit.

 

The more complex answer: find a browser (I use Firefox) that allows add-ins, and find an add-in that can block Javascript selectively (I use NoScript). Then get used to working out which domains to allow JS from (whitelisting). Unfortunately you also have to get used to dealing with websites that don't load fully, and also the annoying problem of, if you make purchases online, figuring out how to see the domains for payment services when they only appear when actually making the transaction. I'm kind of used to it, but can still struggle at times. There are 'temporarily allow' options in NoScript that can help in those times when you just accept all the domains for a site so you can get something done, but of course that opens up the usual issues for that time.

As Ian says, JavaScript is so embedded in web sites these days that shutting it off basically breaks the majority of web sites. Microsoft has changed how Edge behaves and shutting it off is bloody complicated. I’d suggest grabbing a different browser. I use both FireFox and Chrome. I find Chrome is more compliant with the newest html standards and has fewer hiccups than FF. Both have add ins to manage JavaScript behaviour and whitelisting. 

  • Agree 1
  • Thanks 1
Link to post
Share on other sites
  • RMweb Premium
Ian J.

Ian J.

Posted
  • RMweb Premium
Posted (edited)

Be aware that Google's javascript code is, I believe, baked into Chrome, so can't be blocked.

Edited by Ian J.
Incorrect, see post below
Link to post
Share on other sites
AndrewC

AndrewC

Posted
Posted (edited)
13 minutes ago, Ian J. said:

Be aware that Google's javascript code is, I believe, baked into Chrome, so can't be blocked.

Incorrect. Switching js on and off in Chrome is a simple setting in adv. JS control with SyBU or ‘disable javascript’  plugins  work similar to ones for FF. 

 

This includes JS that is served by google, inline code, and separate js files. 

Edited by AndrewC
  • Informative/Useful 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...