Cumulus Support

Last week I had over 10 clients that had been infected by visiting quite legitimate websites i.e. London Stock Exchange for one. Here is an article on the subject http://www.bbc.co.uk/news/technology-12608651

This is what you see on the PC It made no difference what well known security they had, it got in, therefore, as a tip (no I'm not on any commission) you may want to consider using Sanboxie http://www.sandboxie.com/index.php?GettingStarted (you can use it free but you do get a nag after 30 days) when browsing the net, I believe Kaspersky includes this facility in their security.

Nasty!! Glad I use Mac OS X or Linux for web browsing rather than Windows.

Equally, some onus must be put on the user as any software designed to protect you is never going to completely protect.

I reckon the people that fell for this particular one should not be using a computer Any responsible person would question this -- look at how it is written; the style, the grammar etc. When have you ever seen such a poorly constructed message.

Unfortunately, it seems that seeing the message means it is too late as it has already installed on your system and disables your security and severely restricts what you can then do. However, it's not happened to me so I can't be precise about how it gets in. When asking the clients they never recall what they experienced, saw or did prior to the problem.

From what I can see it is only an advert faked to 'look' like a valid warning. The user then has to click to buy their bogus product and install it.

Neil, sounds like a great opportunity to offer to train/educate your customers (and make some money)

daj wrote:From what I can see it is only an advert faked to 'look' like a valid warning. The user then has to click to buy their bogus product and install it.

Neil, sounds like a great opportunity to offer to train/educate your customers (and make some money)

Very true, not the most stimulating/interesting of tasks but financially rewarding none the less.

My 'home' PC that the kids and my wife uses got infected with this earlier on in the year - it was trivial to remove, but the infection had spread from my wives account to the kids accounts - all of them are non-priveldged users. It had not spread to the admin accounts.

Just seeing the notice was enough to 'install' it - my wife immediately told me about it before doing anything else (as it does look so suspicious) I 'killed' her Firefox session from task manager and logged her off, but the damage was done. But as I say very easy to clean-up, it had just placed itself into the auto-start programs list in the registry -so delete the registry entries and remove offending files from disk.

This was before the date quoted in that article though, so perhaps it has got more sophisticated now.

mcrossley wrote:This was before the date quoted in that article though, so perhaps it has got more sophisticated now.

Yes, I remember those and they were simple to get rid of as you say but with each incarnation they have got more sophisticated!

Gina wrote:Nasty!! Glad I use Mac OS X or Linux for web browsing rather than Windows.

A common misconception is that that there is no malware problem if you use a Mac or Linux. In fact, there are several viruses, malicous scripts, and other issues targeting every platform, up to and including smart phones. You don't hear a lot about it because non-Windows operating systems comprise such a small segment of the market. Nevertheless, don't drink the kool-aid. A mindset of skepticism and distrust is healthy no matter how you surf the web.

Charlie wrote:A mindset of skepticism and distrust is healthy no matter how you surf the web.

Absolutely!! I'm very sceptical myself.

{EDIT] not sure if I understood the original post correctly, but [/EDIT]
this might help folr emails in Internet Explorer at least:

Under View, select Layout,
In the lower half of the window, see [Preview Pane] -
remove (or do not have a) check mark in the [Show Preview Pane] field.

This allows IE to download only the Subject, Sender's info, Date, etc, and prevents it from downloading the message until you actually click on that message.

Its worked for us for many years to prevent infection.

sanramonrover wrote: this might help folr emails in Internet Explorer at least:

Under View, select Layout,
In the lower half of the window, see [Preview Pane] -
remove (or do not have a) check mark in the [Show Preview Pane] field.

Emails in IE? Hmm. I think you're talking about Outlook.

You're right Steve. Its 'cause I open Internet Explorer to get to my email program, Outlook Express.