Don’t let sketchy pop-up ads scare you

Q. My Mac’s copy of Chrome greeted me this morning with a pop-up alert saying my computer had been blocked and that I’d have to call a toll-free tech-support number to get it fixed. How do I get out of that?

A. That pop-up, like every other one telling you to call a strange number lest Bad Things happen to your computer, is a lie. To get rid of it, either close the pop-up window or, if that doesn’t work, force-quit the browser: Hit the Command, Option and Esc keys on a Mac, the Ctrl, Shift and Esc keys in Windows, select the browser, and click “Force Quit” on a Mac or “End task” in Windows.

In the example that a friend asked about, the fraud was more obvious than usual. The text of this pop-up warned about “corruption to the registry,” which is a part of Windows but not Apple’s macOS, and advised calling “Microsoft certified technicians.”

But not all of these pop-up scams come from poorly programmed scripts assuming a Windows machine. The gallery of screen shots one Mac user posted to Apple’s tech-support forums includes some examples that aren’t so obviously fake.

These scams persist because, unfortunately, they work. As this briefing from Microsoft documents, calling the number on them will subject you to a pitch to buy fake malware protection and install trojan-horse malware on your computer.

A 2014 FBI warning suggests that paying once can lead to follow-on scams. It cites an undocumented report that one victim was told their money had gone to terrorists and had put them on a blacklist, from which they could be removed upon payment of an additional fee.

If you’re using a modern, secure browser like Google’s Chrome, the fault is probably not in any software on your computer but in a compromise of an otherwise legitimate site to launch pop-ups that abuse Web coding to make themselves difficult to close or dismiss.

The ad networks that fill many advertising spaces on sites have often been exploited as a transmission mechanism for these and less scammy pop-ups–I’ve seen them on the mobile site of the New York Times.

You can, however, take one step to cut down on the ways pop-up scams can seize your browser’s attention: Dump Adobe’s Flash plug-in by running Adobe’s uninstaller (for Windows and for Mac). I’ve said this before, but this multimedia plug-in continues to exhibit vulnerabilities that can compromise Mac and Windows computers–and as Web sites keep on abandoning it for Web-standard HTML5 media, the reasons to keep it around have shriveled.

You won’t be entirely free of Flash, as Google’s Chrome and Microsoft’s Edge (along with recent versions of Internet Explorer) include a locked-down version of the plug-in. But even that support is dwindling: Microsoft’s Anniversary Update to Windows 10 doesn’t run most Flash content automatically, and starting in December Chrome will make Flash entirely optional.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s