Are you familiar with phishing? It’s when someone uses technology to trick you into sharing your username, password, credit card and even making a payment to them through authentic-looking means. Common methods include emails designed to look like official bank or Paypal notices that your account has been hacked you need to share your login information.

Don’t! Don’t share your information. Don’t let yourself be fooled.

A friend told me about a nasty phishing attempt he nearly fell for. Here’s the story.

That tweet shares an article about a critical Java exploit. My friend did as the message suggested. He disabled Java in all of his browsers.

Yesterday, he had to log in to WebEx for a work meeting. That required him re-enabling Java on his Firefox browser, He did, very reluctantly. The meeting went well. Then, Firefox started acting funny and some console processes caused his computer to slow down. It was the end of the day so he turned off his system and left.

Today, he went to Facebook using Firefox and was presented with a page which states “Your account has been blocked.”

The layout of the page, the message, so much about this web page felt real. And, he almost fell for it (he noted with a feeling of shame).

Thankfully he looked closer and noticed there was no indication of it being a secure web page, something Facebook enforces on its site. He then tried accessing Facebook using Google Chrome and had no problem reaching and logging in to the site.

A virus scan turned up an unrelated virus that McAfee had caught. MalwareBytes found a few other baddies. He also ran cCleaner. Yes. My friend is hard core when it comes to protecting his PC.

After restarting his computer, he tried accessing Facebook in Firefox. Same problem.

Further investigation uncovered that the only way to recover was to restore from an earlier version (Restore Point in Windows 7 XP and up). He went back to September 11. That worked!

It turns out Java had been (re)disabled in all browsers!!

He has since disabled Java, manually, in all of his browsers to prevent another exploit from making it through.

As my friend notes, this is a very scary scam. That page looks very real and it is very sticky. Apparently he’s not alone.

Share This

Share this post with your friends!