Thursday, August 4, 2011

Security Risk; how to avoid the "...make frustrating changes to your browser." warning.

I love living in the age of computers and the Internet.  They are two tools that have given opportunity and access to worlds I never even thought could have existed.  I can write and publish whatever I want, edit video or music at home without expensive machines (or software), and learn interesting things about people, places and things.  Occasionally, the Internet and my computer work against each other.  Sometimes when I am searching for images on the Internet, this pop-up will appear:

A careful reading would reveal that this warning has many grammatical errors and is written in a non-Microsoft style.  But many computer users never read these things, myself included.   I would try to close it, but as soon as I clicked anywhere, my screen would be replaced by a short animation that looks like my computer is being scanned.

There is the C: drive, a CD/DVD drive, etc., all things that exist on many computers.  A closer look reveals that this computer has two hard drives, C: and D:; unusual but not unheard of.  Plus there is a floppy drive, which is obsolete, and the disc drive is only for reading CDs.  I know enough about my machines to know that is not what my computer would look like in a Windows Explorer window. There is also the familiar, green progress bar that tells the user exactly how slow Windows Vista is making their computer run the scan's progress.  Then there are the scary parts: a list of all the byte-sized nasties that are (supposedly) currently residing on their computer, and a notice that their computer is unprotected from viruses.  Also,

Most people have very little idea of how their computer functions.  To them, as long as it does what it is supposed to, why bother? Being told that they are in danger from unknown sources causes a great deal of anxiety.

To increase their anxiety, when the bogus scan "completes" this window pops up:

As with the first image, someone has made a great effort to make this look like a real message from a Windows computer. Windows users are used to single or double clicking on a window just like the one above to solve their problems.  Unfortunately for the inexperienced, this simplicity creates a misguided trust that is easily exploited.  Clicking anywhere on the screen gives permission for the download of what is definitely not the answer to any security problem.  

What is downloaded is an executable file (a program) that is malicious (malware).  It won't fix the problem; in fact, it will create problems that were not there before.  Also, it will urge the user to purchase more software to fix the problem.  Of course, once they have the user's credit card info, the gates are open for all sorts of mischief, including identity fraud.

My chiropractor, a young man who grew up using computers, fell victim to just this kind of scam.  When buying the extra software didn't help, he took his computer to a shop that charged him hundreds of dollars in labor for their attempts to restore his damaged computer to its previous state. A few days later he received a call from his credit card company, alerting him to suspicious activity in his account.  Someone was using his card to make cash advances.

Even regular vigilance and precautions can let a Windows user down. Two years ago, despite having up-to-date virus and malware software, and running regular scans, one of my computers got bit by a nasty rootkit virus that drastically affected my Windows XP desktop.  When I had to pay hundreds of dollars to get my machine restored, I needed to get serious about finding something better than Windows.

That was when I decided to get serious about finding a secure operating system.  I chose the Ubuntu Linux distribution because I heard it was simple to use, utilitarian in purpose and well supported.  Plus, most Linux software is free, including a Microsoft Office-like suite of programs, really good audio and video editing software and The GIMP, an image manipulation program that rivals Photoshop in creating amazing graphics.

Linux machines are designed to be more secure.  I had no idea how that rootkit came to ravage my Windows XP system, but suddenly, my slow computer became even slower, my browsers were hijacked and I could no longer run scans or do a system restore.  However, trying to replicate the same mistake that led to my previous trouble brought this message up on my Ubuntu laptop:

The Ubuntu operating system recognized that a file had been downloaded and was trying to run without my permission.  Because of the way programs are launched, in order for this particular program to run, I would need to give permission for it to run.  This step makes the user think about what they are doing before proceeding to deliver their virginal computers over to the seething hordes of Gomorrah.

As for the Apple users who believe their machines are invincible, this article and this one should wipe that smug grin off your faces.

Please feel free to leave your comments below.


Bill D. Courtney said...

I got snagged by this once. I knew it was a scam but it was almost impossible to not click it trying to shut it off. I spent all day but cleaned it off my system but had to use another PC as my window was covered in pop ups. I got some info on how to fix my registry for this specific problem then ran some scans and the problem was gone. That is the short version of the story of course. I think I spent 6 or 8 hours on this or more.

I have Windows 7 now and I got this again once and I rebooted my computer and the warning did not reappear. It was real nasty stuff. Looked very convincing as you said.

Michael Williams said...

Wow, I could have read this one a little more carefully!

A guy that worked in IT told me that invisible Java windows are the way scammers get access; clicking anywhere on your screen grants access.

It is best to use keyboard shortcuts or disconnect from the internet before doing anything.

Bill D. Courtney said...

I think I was just lucky the last time. I think unplugging the net is the way I will go next time. I live in China and you simply have to know a few basic tricks here to get by. If you can't, you will always have issues. I am sure I always have a couple nasty critters on my hard drive somewhere. It is like we have some bad bacteria in us all of the time. Sometimes they don't do anything, but I hate it. I have had to redo my whole system a few times and it is a lot of work. Just over some weird malware or virus issue. With the problem above, like you said, I could not even run a scan to detect it. I used our other PC to research and download a registry fix, but if I did not have the backup PC and connection that would have been impossible. I may still have the links to that problem somewhere and will pass them on to you if I bookmarked them.