Home Security
PC Matic
PC Matic VPN
More Products
Support Unlimited
Identity Theft Protection
PC Magnum
Threat Awareness
How PC Matic Protects You
SuperShield Whitelist
Compare PC Matic
Norton
McAfee
Avast
AVG
Business Protection
PC Matic Pro
PC Matic MSP
Solutions
Allowlisting
Script Enforcement
Device Control
Patch Management
Remote Tools
Integrations
Server Security
Learn More
Resellers
Affiliates
Resources
Case Studies
Compare PC Matic Pro
ThreatLocker
Airlock Digital
VMware Carbon Black
AppLocker
For Federal
Partner Programs
Managed Service Providers
Channel Partners
Affiliate Partners
OEM Partners
Resource Center
All Resources
Case Studies
Data Sheets
User Guides
White Papers
Blog Resources
PC Matic Blog
Business Security
Home Security
Cyber News
Scam Alerts
Customer Service
Home Support
Business Support
Learn More
Getting Started
Knowledgebase
Tech Support Scams
Fake Virus Scams
Tools & More
Ransomware Center
Internet Speed Test
PC Matic
About
Careers
Learn More
Industry Recognition
Leadership
Commercials
Stay Up-to-Date
Newsroom
Blog
Events
TechTalk Podcast
Home Customers
My Account
PC Matic App
Add a Device
Renew Subscription
Business Customers
Business Login
Business Support
Search

Ask Leo: How did a website install malware on my PC?

askleo

By Leo Notenboom

I went to a website and the moment I got there, my computer started to tell

me that I had virus. I know I did not except for this advertising; I have

antivirus and antispyware and it still got in. I found it and put the program in the

all users application data. After I removed it and restored to an earlier date, it

was gone. I went back to the same site and nothing happened. So, my question is how

did it install the program on my computer and why did it not do it the second time

I went back to the same site?

First, I want to let you know that you were lucky; this approach to malicious
infection is incredibly devious and, sadly, often successful.

I also want to say that if you restored from a backup to get rid of it,
that’s excellent. Unfortunately, other manual approaches to getting rid of
malware – including system restore – are not guaranteed to always remove all
traces.

Let’s review what probably happened.

It’s A Trap!

It’s pretty easy to make something that looks like a very
legitimate Windows alert or error message that tells you “OMG! YOU’RE INFECTED!
CLICK OK TO FIX IT!”.

OMG You're Infected! Not.

(I’ve used a very simple example – actual malware often replicates
very complex and official looking alert dialogs and message boxes.)

Of course, if you click on OK rather than dismissing the warning, the fake
message box is crafted to take that as a request to download and install
malware. In fact, a fake message box can be crafted so that anything that you might
do to close it, including clicking the “x” at the upper right or typing ALT+F4 to exit, actually instructs your browser to download and install malware.

Various approaches, including limited user accounts, or Windows User
Account Control, can help thwart the attempt or minimize the damage, but on
systems where security is lax, this is one way that malware purveyors get on to
your machine.

A very common type of malware that does this is often referred to as
“hostage-ware”, because once installed, it demands payment to download software
that will supposedly remove the malware.

Don’t. Not only will you have given your credit card information to one of
the bad guys, but often, the “fix” simply doesn’t.

Article Continued Here: Avoiding The Trap

This post is excerpted with Leo’s permission from his blog.

FaceBook URL: Leo’s Facebook

Twitter URL: http://twitter.com/askleo

Stop Responding to Threats.
Prevent Them.

Get Protected

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles