The fake virus warning advertisements

[JayLapointe]

I just wanted to warn anyone that doesn't have a paid membership on this site that some of the advertisements are dubious and will actually redirect your web browsers to fake virus warnings. It'll kick forward to a new page with alerts from "norton" saying your computer is infected and to take action. It is a credit card phishing scam. I'm not sure if the site admin have any control of which particular adds get fetched, but I've seen some folks falling for other online scams and thought I should warn folks about this one. It's doubly annoying in that sometimes you'll be halfway through a post and it'll kick forward. So not only do you have to deal with the fake virus scam, but you've also lost everything you've been writing. This is actually the 3rd attempt at writing this post for that very reason.

Anyways play safe folks, just know that if you are on this site and your web browser starts suddenly claiming you've got a virus, you don't. I've seen this same sort of thing happen on other sites, but not with the tenacity or frequency it happens here.

 

[Satal]

Hi @JayLapointe,
Thanks for flagging this. That doesn't sound like the adverts that we should be getting. However, I will flag it to the ad network.
As far as the kicking forwards are concerned, unless you're clicking on it, adverts on this site cannot do this. As a general precaution, I suggest running your antivirus and checking which browser plugins you have. It sounds suspiciously like a Chrome Extension my mum had not too long ago, which she got from installing some software on her computer. She started getting lots of virus and crypto ads showing

If you do see this again on the site please can you take a screenshot and send it to me along with the link to the page you were looking at, as I'll include this in what I sent to the ad network.

 

[JayLapointe]

Hi @JayLapointe,
Thanks for flagging this. That doesn't sound like the adverts that we should be getting. However, I will flag it to the ad network.
As far as the kicking forwards are concerned, unless you're clicking on it, adverts on this site cannot do this. As a general precaution, I suggest running your antivirus and checking which browser plugins you have. It sounds suspiciously like a Chrome Extension my mum had not too long ago, which she got from installing some software on her computer. She started getting lots of virus and crypto ads showing

If you do see this again on the site please can you take a screenshot and send it to me along with the link to the page you were looking at, as I'll include this in what I sent to the ad network.

Yeah I've only encountered it with this specific website. Only from a PC browser, in my case Chrome. and I've had it happen numerous times on my PC and Laptop both. I'll take a screen shot next time and post the example.

 

[JayLapointe]

@Satal I did want to mention that just to be cautions I went ahead and double checked my extensions/plugins. Apart from the two I knew I was running, Adobe for pdf, and google docs, I wasn't running anything else that may have been causing the redirects. One of the many roles I have at my job is managing IT, so I'm pretty cautious and safe online. But wanted to let you know I had ruled that out, since you'd suggested it as a potential source.

 

[JayLapointe]

@Satal oddly I didn't get that forward happen for a few days after posting. It had been happening daily but it did just now happen again. As I say only when on this site. Lost the reply to a message I'd been working on for the better part of 10 minutes.

 

[Satal]

@Satal oddly I didn't get that forward happen for a few days after posting. It had been happening daily but it did just now happen again. As I say only when on this site. Lost the reply to a message I'd been working on for the better part of 10 minutes. View attachment 148220

Do you use Norton AV on your computer?

 

[JayLapointe]

Do you use Norton AV on your computer?

I wouldn't touch Norton antivirus or McAfee for that matter. This isn't anything to with my computer. This is coming from your site adverts. At this point in time, I've encountered this on 4 different computers using 3 different internet networks. Home, office #1, office #2.

Either way, I'm fine, I know enough not to follow those links. As I've said before, I manage IT for a living. Just annoying when you are partway through a message and it happens. But I type fast so it's a minor set back.

The only other time I've ever seen the same thing occur, was from advertisements from "the weather network dot com". Though in that case it was saying McAfee but the rest was the same idea. Actually had to send out a similar warning email to all the staff at work about the situation. The weathernetwork one was more sophisticated as it actually made the browser go into full screen at the same time disabling the ability to exit full screen with a ctrl alt del to the task manager. This one here you still see the browser links and you just hit back. Pretty amateur actually for what it is.

 

[Judge]

@Satal oddly I didn't get that forward happen for a few days after posting. It had been happening daily but it did just now happen again. As I say only when on this site. Lost the reply to a message I'd been working on for the better part of 10 minutes.

Just speculating.

Have you considered temporarily running another browser like "Brave" which uses Chrome's engine, but has superior ad-blocking, privacy and security? Just to see if Brave by chance filters out such scareware that Chrome does not. If it truly is "scareware", what you can't see can't hurt - or bother you.

After all, it's no secret that Google does not condone ad-blocking, and has incrementally reduced such abilities in their own browser over the years.

I'm also wondering if such scareware is triggered through an event handler by an advertiser's URL alone, and what the odds may be of a particular user to encounter that URL again in another domain. Making it appear as if the offending software is in one of those domains when it isn't.