Thursday, September 25, 2008

Internet Security U2U #1: How to deal with popups

The first thing to remember about popups is that they are like any other window. Windows are controlled either by Windows' window manager (Aero?) or by Mac OS X's Aqua (?) user interface (UI). All windows share the same basic controls. Click on the icon in the upper left corner of a window's title bar and you'll see what I mean. Right click on that window's corresponding task bar button and you'll see the same controls mirrored there, along with a few extras. The same is true of the Dock in Mac OS X, as well as Gnome and KDE under Linux. It is a basic UI design that any UI designer worth their salt will implement. So you know that it's the go-to menu when you want to manipulate windows.

Popups are usually windows.

Now there is a different kind of popup that isn't a window, because it never leaves the confines of a web page. Those are called "pop-ins". They are usually created with an AJAX-like method. AJAX means Asynchronous JavaScript and XML (or to some it means Asynchronous JavaScript/Java, Adobe Flash and XML). It's the stuff Web 2.0 is made of. Pop-ins can be defeated by ad blockers and by turning off JavaScript (and, to go further, by disabling Flash and Java), though this may break a lot of websites for you. That is why you want an ad or popup blocker that works on a site-by-site basis, preferably in an opt-in way (opt-in is where you make exception rules for sites you don't want broken or crippled).

There are two types of popups that you may deal with.

There's the "install something" popup. This is where it asks you to download an EXE, MSI, ZIP or other executable file before you can proceed with whatever the popup requires of you. This is always a trick. When you get an unsolicited popup that asks you to do this, CLOSE THE WINDOW. I'll tell you how to properly close the window later on. Whatever you do, do not click on buttons within the title bar and frame of the window. They often try to fake you out by providing "OK" buttons and "Close" or X buttons. These are fake. There should be no browser window that has controls within the boundaries of the title bar and window frame. The only browser windows that have this dialog window-like behavior are dialog windows chosen within the browser's own menu system.

Then there's the "give me your information" popup. This is where it asks you to click on a link within the webpage being displayed, to get you to enter your personal information into their "signup forms" or a fake bank, email, etc. website. This is when you want to check either the page properties or the URL box to see where you really are. If you see a popup that looks like PayPal's site, except the URL has gibberish or an address that doesn't have the word paypal followed by .com and nothing else dot xxx (ex: or instead of ), then it isn't a real PayPal website. Always be skeptical. That's the most useful tool in your internet defense toolbox. This is what they mean when they say the first line of defense in keeping your computer and yourself safe is behavior. Being skeptical is a very useful behavior. Don't follow a link that is presented to you; always type in the link yourself. That way you can be sure whether it really was your bank that sent that notice or suddenly popped up a window telling you about your insufficient funds or that you won a multi-thousand dollar sweepstakes. Don't fall for these scams. The best way to defend against any scams I haven't mentioned here is to invent scams on your own and be on the lookout for them. Because, believe it or not, if you can think it up then there's a good chance someone else has thought it up as well and has already put that scam into practice. I'm not saying that you should become a cynical mess, but always be street savvy about these things. There is nothing a scammer won't do to get at your money. A good way to keep yourself from getting paranoid is to keep up a dialog with people in the know. Ask questions. Share your theories on scams with others. Don't be afraid of asking so-called "dumb" questions. It only serves to make your personal internet defense that much stronger.
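The URL check described above, as an added example that is not part of the original post: it extracts the host a browser would really connect to and accepts it only if it is paypal.com or a subdomain of it. The lookalike addresses are constructed samples on reserved example domains, and the function names are hypothetical.

```javascript
// Added example: decide whether a URL really belongs to the site it claims to be.
// Every URL in `samples` is a constructed sample, not a real observed address.

// Returns the host the browser would actually connect to (lowercased,
// trailing dot removed), or null if the string is not a valid URL.
function realHost(urlString) {
  let url;
  try {
    url = new URL(urlString);
  } catch {
    return null;
  }
  return url.hostname.replace(/\.$/, "");
}

// True only when the host is the expected domain itself or a subdomain of it.
// The leading "." in the suffix test stops "notexample.org" matching "example.org".
function belongsTo(urlString, expectedDomain) {
  const host = realHost(urlString);
  if (host === null) return false;
  const expected = expectedDomain.toLowerCase();
  return host === expected || host.endsWith("." + expected);
}

const samples = [
  "https://www.paypal.com/signin",                   // genuine
  "https://paypal.com.account-check.example/signin", // real name used as a subdomain
  "https://www.paypal.com@login.example/signin",     // real name hidden before the "@"
  "https://paypal-com.example/signin",               // dash instead of dot
  "http://192.0.2.10/paypal.com/signin",             // real name only in the path
];

// Builds one row per URL: the host that matters and the verdict.
function report(urls, expectedDomain) {
  return urls.map((u) => ({
    url: u,
    host: realHost(u),
    ok: belongsTo(u, expectedDomain),
  }));
}

for (const row of report(samples, "paypal.com")) {
  console.log(`${row.ok ? "genuine" : "REJECT "}  ${row.host}  <-  ${row.url}`);
}
```

Only the first sample is accepted; in every other one the text "paypal.com" appears somewhere in the address but is not the host.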

Now, here is how to deal with popups, as a list of do's and don'ts:

Do close the window by typing Alt+F4 or Ctrl+W. If that doesn't get you out of a popup (many popups employ scripts that keep popping up windows), then go down to the task bar button for that window and right click on it to get to the Close window control. If that doesn't do it, then bring up the process manager (by typing Ctrl+Alt+Del) and kill the browser's process. Firefox will have a "firefox" process, Internet Explorer will have an "iexplore" process, Opera will have an "opera" process, Safari will have a "safari" process. Re-sort the list of processes by name so you can find them easily.

Don't click on anything within the confines of the window's border. This means anything under the title bar and within the resizing bars around the window. Anything within the window of a popup is always fake, malicious and dangerous. Read about this 4 paragraphs up.

Don't shut down the computer as a solution to the popups. This will cause more harm to your computer than any popup. This is because the computer will be writing something to the hard drive while it downloads the webpage and its images to load the popup. The computer may also be writing something else to the hard drive at the moment you do this. In general, shutting down a computer by pulling the plug or switching off the power supply while it's in the middle of doing something with the hard drive (and most likely it WILL be doing something with the hard drive at any given moment) will result in errors that accumulate into a dead or malfunctioning partition on the hard drive. Not to mention that cutting the physical power to a mechanical device like a hard drive may cause the heads to impact the platters, spewing data all over the drive (or at least over a section of it). It's like taking the needle of a record player and quickly scratching the LP all over. You know that's not a good thing to do to an LP, so why do it to a hard drive?

Do use a popup blocker and an ad blocker together. It's not like an anti-virus, where you can't have more than one running or installed. The more help you can get within the browser the better. Use the browser's own popup blocker, use Adblock Plus, and use only reputable popup and ad blockers. Ask people in the know if a popup or ad blocker is real or not. And know that there are people out there who are biased about this or that. Always get a 2nd, 3rd, 4th, 5th, 6th and Nth opinion. As many as it takes to convince you. But you know what they say about opinions. Listen to the experts, be skeptical of the public, but realize that everybody will be biased for or against a particular utility.

Don't panic.

Do be skeptical.

Admittedly, this is a Windows-centric blog post, mainly because most of the scams are targeted at people with computers running Windows. This includes any computer from Dell and other manufacturers, as well as Apple Macintoshes with Intel processors booted into Windows instead of Mac OS X, and any virtual computer environment like VMware Workstation/Fusion, Parallels Desktop/Workstation, QEMU or VirtualBox running a Windows guest OS. The reason is that the popups often include links to download malware that only runs on Windows computers. This includes any EXE or MSI file, and any ZIP or 7Z file with EXE and MSI files in it. These only work on Windows. That is not to say that Linux and Mac OS X users are safe. The other half of popups target those gullible enough to give people personal information. This will work in any OS environment, even OSes that you boot into from a floppy drive (like the QNX and MenuetOS bootable floppies). It doesn't matter what utilities you use to prevent popups or scams: if you give scammers your personal information, then it's game over. There is no utility that substitutes for good human behavior. And that's what makes this blog post OS agnostic as well. I want to get across to you that it doesn't matter what you use. Whether it's a PC or an iPhone (or a darkened back alley), as long as there's some way to reach you, such as a browser or email, if you freely give your personal information out to strangers, then it is game over, no exceptions.

Tune in to the next Internet Security U2U when I describe how to fix things if you have been taken in by a scam. This will include ways to reclaim accounts, cancel orders you didn't place, maybe even cancel accounts and other methods of intelligent damage control.
