I started getting the "Fake App Attack: Fake AV" over the last week. I seem to get an attack when on MS Internet Explorer.
I downloaded NIS yesterday. It prevented an attack yesterdayfrom URL guarantorqueerprocessinspection.pl I ran a full scan.
Today the attack came from a different URL:lowdelivererdetector.. Again I ran a full scan. When I did a check on NIS for the website, it didn't recognise it.
Is there anyway of preventing these attacks even coming to my PC in the first place? Even if NIS can detect them, it's annoying having to deal with them when I am on my browser.
I started getting the "Fake App Attack: Fake AV" over the last week. I seem to get an attack when on MS Internet Explorer.
I downloaded NIS yesterday. It prevented an attack yesterdayfrom URL guarantorqueerprocessinspection.pl I ran a full scan.
Today the attack came from a different URL:lowdelivererdetector.. Again I ran a full scan. When I did a check on NIS for the website, it didn't recognise it.
Is there anyway of preventing these attacks even coming to my PC in the first place? Even if NIS can detect them, it's annoying having to deal with them when I am on my browser.
do you have either Mozilla Firefox or Google Chrome installed on your computer and see if you are getting the same alert from Norton IPS, when you use Firefox or Chrome.
Try one or both programs to see if you are getting the same alert, as when you are using Microsoft Internet Explorer.
Sucuri reports that the site contains possible malicious JavaScript. The site appears to be compromised and Norton is blocking an actual attack. You may want to inform the site's webmaster and avoid using the site until it is cleaned up.
I got in touch with irishtimes.com and this is the response I got:
"We have successfully traced the fake anti-virus notice to a third party advertisement which was being intermittently delivered to users of The Irish Times web-site in recent days. As of Monday, this advertisement has been blocked from running on our site, and the third party advertisement agency have been alerted to the problem. Despite our team vetting the advertisement before it was launched on July 13th, the advert was subsequently altered by the third party late last week without our knowledge and began to distribute these false messages regarding viruses. We are reviewing our procedures involving such third party advertisers as we take our users security very seriously."
Yikes! The current version of Java 6 is Update 33. Running any earlier version is extremely dangerous, as older versions all contain security flaws that are among the most exploited vulnerabilities commonly seen in malware exploit packs. You are actually lucky that the compromise at Irish Times did not include such an attack - you could have been toast. If you need Java, please UNINSTALL any old versions still showing in Windows Add/Remove Programs and download either Java 6 Update 33 or Java 7 Update 5 from the Oracle download site. If you don't normally use Java to run applets, you don't really need to reinstall the program unless some application on your system requires it.
Thunderbird does not require Java to be installed. Here are a couple of articles about the dangers of running old Java versions and whether you should consider removing Java entirely (I did, and have not yet run into a website where it would have been necessary to reinstall it).