Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to block Fake Flash update ?


  • Please log in to reply
8 replies to this topic

#1 Alley Cat

Alley Cat

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:08 AM

Posted 08 February 2016 - 12:12 AM

I keep getting fake notices to update Flash.   How do I block the popups, popunders and ads to "update" Flash ?
 
It is clickbait and I do want to have another run-in with Malware and drive by infections if I can prevent it somehow.  I am hoping for an extension to use in Firefox and Chrome.

Edited by Alley Cat, 08 February 2016 - 05:06 PM.


BC AdBot (Login to Remove)

 


#2 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:08:38 PM

Posted 08 February 2016 - 03:58 AM

Hi,

Please read through below documents:

Simple and easy ways to keep your computer safe and secure on the Internet
How to detect vulnerable programs using Secunia Personal Software Inspector


Answers to common security questions - Best Practices by Quietman7

About ads and preventing them

 

If you feel you are infected or unable to solve the issue even after following those articles, I suggest you to follow the steps and create a request topic in

Virus, Trojan, Spyware, and Malware Removal Logs
Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:08 AM

Posted 08 February 2016 - 09:09 AM

Since Adobe Flash is a popular and globally used program, attackers often tarket it using social engineering to facilitate the spread of malware...in this case through fake Flash updates.

As such, you have to take precautions to protect yourself from Social Engineering which describes any act by cyber criminals that influences or entices a person to take an action which often results in compromising normal security procedures and malware infection. The attacker relies heavily on human interaction (the weakest link in security) and often involves tricking people in order to achieve the attacker's desired result. Social engineering has become one of the most prolific tactics for distribution of malware, identity theft and fraud.

How to determine if a Flash update notification is legitimate
Is That Software Update Actually Malware?


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 rp88

rp88

  • Members
  • 2,998 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:08 PM

Posted 08 February 2016 - 01:53 PM

My personal advice here would be to run an ad blocker, or even better use firefox as your browser and run noscript and adblockplus as extensoions within it. In such circumstances, as long as you're careful about which sites you allow to run scripts, these kind of fake update adverts/fake download button adverts/fake pop ups/pop up windows... won't be able to load.

The links for noscript and adblockplus are below:

https://noscript.net/
https://adblockplus.org/en/

Other adblockers can be used but noscript works especially well alongside adblockplus. Note that you might want to go into adblockplus's options menu to untick "allow some non-intrusive adverts".

I've had both these running in firefox for a long time now, haven't seen any fake download buttons or pop-ups or fake update prompts at all since I started using these two extensions.

Noscript also helps stop drive-by infections, so long as you don't accidentally allow a dodgy site to run scripts.

Edited by rp88, 08 February 2016 - 01:55 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:08 AM

Posted 08 February 2016 - 02:47 PM

Didn't realize I left out part of my intended posting so here is the rest of it.

Fake Adobe updates and message alerts are typically encountered when visiting a malicious or compromised web site.

Just like most Phony Tech Support Scams...closing the web browser and then relaunching it usually eliminates the fake update message and is the best way to deal with it. If the browser freezes or hangs, you may have to close it with Windows Task Manager by selecting End Task. Afterwards, be sure to refresh (clear) your browser's cache.

Often malware will be presented as a download from within a specially crafted browser window that displays a Web page which is intended to look like a program running on your system. If you see a notice to install Flash, and then quit your Web browser and the notice goes away, then this is a good indication that it is not legitimate and is likely an attempt to lure you into downloading malicious software.

If the fake update alerts continue to appear after closing and reopening the browser, they could be the result of an ad-supported browser extension, adware or potentially unwanted programs typically bundled with other free software you download and install.In that case, you may need to check for and remove unfamiliar browser extensions and add-ons/plug-ins or reset your browser to its default settings...then perform security scans with Malwarebytes Anti-Malware, Emsisoft Emergency Kit, AdwCleaner, and JRT (Junkware Removal Tool).
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Alley Cat

Alley Cat
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:08 AM

Posted 08 February 2016 - 05:10 PM

Fake Adobe updates and message alerts are typically encountered when visiting a malicious or compromised web site.

Just like most Phony Tech Support Scams...closing the web browser and then relaunching it usually eliminates the fake update message and is the best way to deal with it. If the browser freezes or hangs, you may have to close it with Windows Task Manager by selecting End Task. Afterwards, be sure to refresh (clear) your browser's cache.


I have a hardware firewall within easy reach. When a browser misbehave or something happens like the fake anti-virus Tech. Support and fake flash notices appear, I disconnect my LAN. Then I deal with the pesky tab, and run scans.

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:08 AM

Posted 08 February 2016 - 06:14 PM

If the source was just your browser and it goes away after closing/re-opening, there really is no need to run a serious of security scans. Of course, running your scans can't hurt especially if you notice a lot of extensions/add-ons in your browser which you did not install.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 rp88

rp88

  • Members
  • 2,998 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:08 PM

Posted 09 February 2016 - 12:02 PM

Post #7
Even if someone has not been infected by such fake-pop ups the fact that such fake pop ups are able to happen to them means they are somewhat more vulnerable than is ideal, certainly more vulnerable than I fell comfortable being. In my view a browser that can display that sort of content without express permission from the user isn't very secure, and could fall victim to drive-by attacks. I suggest that the first and easiest step would be to set all plugins to either be disabled (those you don't use) or "ask to activate"/"click to play" for those you sometimes use, this atleast reduces some of the vulnerabilities and ensures that if pop ups occur they can't start flash or java. Alone this step will not prevent pop-ups but it will reduce security risks a lot. For actually blocking pop-ups an adblocker and/or script blocker is a user's best bet. I don't personally feel safe browsing without mine.


alley cat post#1: do these pop ups and fake prompts only occur on certain sites you visit, you could consider having one browser for most browsing, a browser set up in a fairly normal configuration and another browser really locked down with script and ad blocking for when you visit sites where you know you get problems with fake prompts/fake download butttons/pop ups/unders. Under such circumstances I'd make chrome the normally setup one and firefox with noscript and an adblocker the locked down one.

P.S. consider malwarebytes anti-exploit as well, it'll help ensure that if fake prompts do display they won't be able to follow through* and exploit the rest of your system.

*some fake prompts might have exploits in them these can infect you without needing your interaction(this is what scriptblockers and malwarebytes antiexploit help stop), others (most) just rely on users being tricked into doing as the prompt/pop up says and infect the user by encouraging the user to actually download something nasty and run it (this is what being cautious and careful stops).

Edited by rp88, 09 February 2016 - 12:05 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:08 AM

Posted 09 February 2016 - 12:51 PM

These are not infections in the typical sense (viruses, worms, rootkits, etc) that folks are accustomed to dealing with. As I already explained, this stuff is typically encountered via social engineering tricks, bogus web pages and folks.

Folks need to be aware of this tactic and how to recognize legitimate updates from the phony ones. You cannot depend on security tools to protect yourself from every kind of threat on the Internet.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users