How to block Fake Flash update ?

I keep getting fake notices to update Flash.   How do I block the popups, popunders and ads to "update" Flash ?
 
It is clickbait and I do want to have another run-in with Malware and drive by infections if I can prevent it somehow.  I am hoping for an extension to use in Firefox and Chrome.

Edited by Alley Cat, 08 February 2016 - 05:06 PM.

Hi,

Please read through below documents:

Simple and easy ways to keep your computer safe and secure on the Internet
How to detect vulnerable programs using Secunia Personal Software Inspector


Answers to common security questions - Best Practices by Quietman7

About ads and preventing them

 

If you feel you are infected or unable to solve the issue even after following those articles, I suggest you to follow the steps and create a request topic in

Virus, Trojan, Spyware, and Malware Removal Logs

Since Adobe Flash is a popular and globally used program, attackers often tarket it using social engineering to facilitate the spread of malware...in this case through fake Flash updates.

• Ransomware Tops List of Social Media Security Threats
• How ransomware scams on social media often work
• Experts Warn of Mobile Ransomware Deluge on Social Media
• Fake Adobe Flash Update Installs Ransomware, Performs Click Fraud

As such, you have to take precautions to protect yourself from Social Engineering which describes any act by cyber criminals that influences or entices a person to take an action which often results in compromising normal security procedures and malware infection. The attacker relies heavily on human interaction (the weakest link in security) and often involves tricking people in order to achieve the attacker's desired result. Social engineering has become one of the most prolific tactics for distribution of malware, identity theft and fraud.

• What is Social Engineering
• Common social engineering attacks
• Social Engineering Fundamentals, Part I: Hacker Tactics
• Social Engineering Fundamentals, Part II: Combat Strategies
• Avoiding Social Engineering and Phishing Attacks
• Five Reasons People Fall Victim to Social Engineering Attacks

How to determine if a Flash update notification is legitimate
Is That Software Update Actually Malware?

My personal advice here would be to run an ad blocker, or even better use firefox as your browser and run noscript and adblockplus as extensoions within it. In such circumstances, as long as you're careful about which sites you allow to run scripts, these kind of fake update adverts/fake download button adverts/fake pop ups/pop up windows... won't be able to load.

The links for noscript and adblockplus are below:

https://noscript.net/
https://adblockplus.org/en/

Other adblockers can be used but noscript works especially well alongside adblockplus. Note that you might want to go into adblockplus's options menu to untick "allow some non-intrusive adverts".

I've had both these running in firefox for a long time now, haven't seen any fake download buttons or pop-ups or fake update prompts at all since I started using these two extensions.

Noscript also helps stop drive-by infections, so long as you don't accidentally allow a dodgy site to run scripts.

Edited by rp88, 08 February 2016 - 01:55 PM.

Didn't realize I left out part of my intended posting so here is the rest of it.

Fake Adobe updates and message alerts are typically encountered when visiting a malicious or compromised web site.

Just like most Phony Tech Support Scams...closing the web browser and then relaunching it usually eliminates the fake update message and is the best way to deal with it. If the browser freezes or hangs, you may have to close it with Windows Task Manager by selecting End Task. Afterwards, be sure to refresh (clear) your browser's cache.

Often malware will be presented as a download from within a specially crafted browser window that displays a Web page which is intended to look like a program running on your system. If you see a notice to install Flash, and then quit your Web browser and the notice goes away, then this is a good indication that it is not legitimate and is likely an attempt to lure you into downloading malicious software.

If the fake update alerts continue to appear after closing and reopening the browser, they could be the result of an ad-supported browser extension, adware or potentially unwanted programs typically bundled with other free software you download and install.

• Fake Flash Player Update Causes Mayhem In Your Browser

In that case, you may need to check for and remove unfamiliar browser extensions and add-ons/plug-ins or reset your browser to its default settings...then perform security scans with Malwarebytes Anti-Malware, Emsisoft Emergency Kit, AdwCleaner, and JRT (Junkware Removal Tool).

Fake Adobe updates and message alerts are typically encountered when visiting a malicious or compromised web site.

Just like most Phony Tech Support Scams...closing the web browser and then relaunching it usually eliminates the fake update message and is the best way to deal with it. If the browser freezes or hangs, you may have to close it with Windows Task Manager by selecting End Task. Afterwards, be sure to refresh (clear) your browser's cache.

I have a hardware firewall within easy reach. When a browser misbehave or something happens like the fake anti-virus Tech. Support and fake flash notices appear, I disconnect my LAN. Then I deal with the pesky tab, and run scans.

If the source was just your browser and it goes away after closing/re-opening, there really is no need to run a serious of security scans. Of course, running your scans can't hurt especially if you notice a lot of extensions/add-ons in your browser which you did not install.

Post #7
Even if someone has not been infected by such fake-pop ups the fact that such fake pop ups are able to happen to them means they are somewhat more vulnerable than is ideal, certainly more vulnerable than I fell comfortable being. In my view a browser that can display that sort of content without express permission from the user isn't very secure, and could fall victim to drive-by attacks. I suggest that the first and easiest step would be to set all plugins to either be disabled (those you don't use) or "ask to activate"/"click to play" for those you sometimes use, this atleast reduces some of the vulnerabilities and ensures that if pop ups occur they can't start flash or java. Alone this step will not prevent pop-ups but it will reduce security risks a lot. For actually blocking pop-ups an adblocker and/or script blocker is a user's best bet. I don't personally feel safe browsing without mine.


alley cat post#1: do these pop ups and fake prompts only occur on certain sites you visit, you could consider having one browser for most browsing, a browser set up in a fairly normal configuration and another browser really locked down with script and ad blocking for when you visit sites where you know you get problems with fake prompts/fake download butttons/pop ups/unders. Under such circumstances I'd make chrome the normally setup one and firefox with noscript and an adblocker the locked down one.

P.S. consider malwarebytes anti-exploit as well, it'll help ensure that if fake prompts do display they won't be able to follow through* and exploit the rest of your system.

*some fake prompts might have exploits in them these can infect you without needing your interaction(this is what scriptblockers and malwarebytes antiexploit help stop), others (most) just rely on users being tricked into doing as the prompt/pop up says and infect the user by encouraging the user to actually download something nasty and run it (this is what being cautious and careful stops).

Edited by rp88, 09 February 2016 - 12:05 PM.

These are not infections in the typical sense (viruses, worms, rootkits, etc) that folks are accustomed to dealing with. As I already explained, this stuff is typically encountered via social engineering tricks, bogus web pages and folks.

Folks need to be aware of this tactic and how to recognize legitimate updates from the phony ones. You cannot depend on security tools to protect yourself from every kind of threat on the Internet.