Here’s a tip in case you find yourself staring at a suspicious window.
Most malware is installed on a computer these days by luring you to a poisoned web site that brings up a window in front of your browser, suggesting that you agree to let something be installed. The bad guys are showing tremendous ingenuity in getting you to the malicious web sites, so you might be following a link in an email message, a link from a Google search, or perhaps even seeing something generated by a hijacked advertisement on a legitimate web site. I’ve seen reports of similar attacks from people who swear they never left Facebook or Hotmail.
The window that appears is likely to look legitimate. The bad guys know English grammar now! The goal is to get you to click a button without arousing any suspicion, and anything is fair game. Random examples:
- “To view this content, you need to disable your popup blocker. Click here to enable popups on this site.”
- “Your version of Adobe Flash is out of date. Click here to install the latest version of Flash.”
- “Your computer may have been infected by spyware. Click here to start a system scan.”
- “You are an idiot. Click here to allow the Russian mafia to take over your bank accounts.”
That last one is there because a large number of people will click OK regardless of what the message says.
If you click OK, malware will be installed on your computer before your antivirus software can stop it.
You’ll probably be given a choice – YES or NO, OK or CANCEL.
The bad guys are liars.
If you click “NO,” there is a good chance that they lied and you actually gave permission to install the malware. Don’t click on anything presented by the bad guys!
There is only one safe thing to do.
If there is any chance that a dodgy web site is on the verge of installing a bad thing on your computer, start Task Manager and kill Internet Explorer from the list of applications there.
If that’s not sufficient to close the possible malware window, see if you can identify it in the longer list of “Processes” in Task Manager.
If neither of those work and you still have a window onscreen that might be dangerous, turn your computer off with the power button.
Yeah, you’d rather not ever do that, but you would rather forcibly close the computer than click on a button created by the bad guys.
Start Task Manager by hitting Ctrl-Alt-Del and clicking on “Task Manager,” OR by right-clicking on the toolbar at the bottom of the screen and clicking on “Task Manager.”
I’m only proposing this in cases where you’re at risk. Legitimate web sites might want to install ActiveX controls or have you display something in a popup window. If you look at the address in the browser and you can tell you’re at a legitimate site, do things confidently.
But if you think you’re logging into Wells Fargo and the address in the browser is something like http://www.russianmafia.rus or http://75.149.54.33 instead of www.wellsfargo.com, be very afraid. (And if you clicked on any of those links, you’re missing the point. Be careful!)