Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Poisoned Websites – Malware, etc.

  • 2 uphendule
  • 1 inale nkinga
  • 11 views
  • Igcine ukuphendulwa ngu Amelia

more options

I am a Cyber Security Specialist and System Integrator (www.techwareusa.com and www.cybersecureusa.com ). I have developed a pretty good Cyber Security Stack with the exception of one chink in my armor. I have been running the Stack on my Clients systems (about 100 total) for over two years and have had only one breach. That breach was caused by the Client not following my suggestion (read any popup and don’t just click through it). He does now.

Part of my Stack is Firefox which I like a lot except that your cyber security leaves one thing as an exposure.

If one were to browse to a poisoned website (namely one infected with malware of some type) and click on an inserted link, malware is automatically downloaded and installed. Firefox does nothing to stop the system from being infected. This kind of website is one that pops up with a big red screen saying your machine has been infected with a “trojan” or some such. Do not attempt to turn off your system and call Microsoft Support at xxx-xxx-xxxx” (often an 800 #). Indeed, the browser is locked and can’t be closed from a normal action. (When I install Firefox, I setup the security features for my Clients including telling it to block pop-up windows and Warn you when websites try to install add-ons in the Privacy & Security, Permissions section. I have my Clients systems under my control via Splashtop Remote Support into my office. If the “Tech” hasn’t messed up my Splashtop install, I will go in, use Task Manager to shut down Firefox and then clean the system. If the “Tech” did mess up my Splashtop install, the system will have to be sent to me to fix. I have Clients in several states across the southern part of the country.

If the Client calls the 800# the “tech” will remotely access their system and totally messes it up with registry entry’s, replacing files with corrupted versions and such actions. All of this to raise the cost to my Client. They will charge the Client about $700 to $800 but also they will get the Client’s Credit card information to sell. The Client will then call me and often the system is so messed up that I have to reload the OS and missing applications plus my time and the total cost to the Client is often well over $1,000.

I have been looking for software that will block these poisoned websites. The only one that I have found that looks like it will work is Threatlocker. While a good product, the company has its head in the wrong place as far as setting up resellers. I am a reseller and have been in business for over 28 years and have had many vendor relationships. These folks want us to sign both an End User Agreement (that makes me responsible for the way that my Clients use their software) plus they want me to sign a Partner Agreement. In my mind I cannot be both and certainly will not agree to be the end user.

Back to what I am asking help on is the automatic install of the malware off of the poisoned website. Perhaps a browser “setting” to ask for an override button option to be able to install software on the system. If I chose this in the Firefox Settings it will take an action on the part of the user to override the automatic install. In fact, if we could add to the option a number of times (and maybe a message, like CALL BILL before you proceed) that the override button has to be pressed to do the install. The more I can get the user to think, the better it will be for them and the more they will appreciate Firefox and me. No other browser has any feature like this.

I am a Cyber Security Specialist and System Integrator (www.techwareusa.com and www.cybersecureusa.com ). I have developed a pretty good Cyber Security Stack with the exception of one chink in my armor. I have been running the Stack on my Clients systems (about 100 total) for over two years and have had only one breach. That breach was caused by the Client not following my suggestion (read any popup and don’t just click through it). He does now. Part of my Stack is Firefox which I like a lot except that your cyber security leaves one thing as an exposure. If one were to browse to a poisoned website (namely one infected with malware of some type) and click on an inserted link, malware is automatically downloaded and installed. Firefox does nothing to stop the system from being infected. This kind of website is one that pops up with a big red screen saying ''“'''your machine has been infected with a “trojan”''' ''or some such. '''''Do not attempt to turn off your system and call Microsoft Support at xxx-xxx-xxxx” (often an 800 #)'''''. Indeed, the browser is locked and can’t be closed from a normal action. (When I install Firefox, I setup the security features for my Clients including telling it to block pop-up windows and Warn you when websites try to install add-ons in the Privacy & Security, Permissions section. I have my Clients systems under my control via Splashtop Remote Support into my office. If the “Tech” hasn’t messed up my Splashtop install, I will go in, use Task Manager to shut down Firefox and then clean the system. If the “Tech” did mess up my Splashtop install, the system will have to be sent to me to fix. I have Clients in several states across the southern part of the country. If the Client calls the 800# the “'''''tech”''''' will remotely access their system and totally messes it up with registry entry’s, replacing files with corrupted versions and such actions. All of this to raise the cost to my Client. They will charge the Client about $700 to $800 but also they will get the Client’s Credit card information to sell. The Client will then call me and often the system is so messed up that I have to reload the OS and missing applications plus my time and the total cost to the Client is often well over $1,000. I have been looking for software that will block these poisoned websites. The only one that I have found that looks like it will work is Threatlocker. While a good product, the company has its head in the wrong place as far as setting up resellers. I am a reseller and have been in business for over 28 years and have had many vendor relationships. These folks want us to sign both an End User Agreement (that makes me responsible for the way that my Clients use their software) plus they want me to sign a Partner Agreement. In my mind I cannot be both and certainly will not agree to be the end user. Back to what I am asking help on is the automatic install of the malware off of the poisoned website. Perhaps a browser “setting” to ask for an override button option to be able to install software on the system. If I chose this in the Firefox Settings it will take an action on the part of the user to override the automatic install. In fact, if we could add to the option a number of times (and maybe a message, like CALL BILL before you proceed) that the override button has to be pressed to do the install. The more I can get the user to think, the better it will be for them and the more they will appreciate Firefox and me. No other browser has any feature like this.

All Replies (2)

more options

Is the malware a XPI? We definitely don't start EXEs automatically.

Helpful?

more options

Hello, These websites are scams. These websites use the JavaScript window.alert() function to say that there is malware (something that websites would not be able to detect unless malware was specifically altering packets) in order to get people to call the aforementioned "techs" (scammers) who connect to the victim's computer, play around to try and make it seem like there is malware (and may actually install malware, attempt identity theft, or directly siphon funds from a bank website), then ask for money for a bogus service.

Firefox does not allow any executable to be run without prompt (by default--you would need to go into about:config and change this). This includes exe's, msi's, dmg's, jar's, etc.

window.alert() does "freeze" Firefox in the way that it stops the user from doing anything until they click okay. More information here https://developer.mozilla.org/en-US/docs/Web/API/Window/alert

You must tell your clients that these are something they should ignore -- just click the okay button, then the "prevent this page from creating additional dialogs" check mark to "Unfreeze" their firefox. Then the client can close the tab and continue with whatever they were doing.

Helpful?

Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.