Has anyone come across this?
Entering Flyertalk this morning a box appeared headed Microsoft Security Essentials saying I had 3 viruses and inviting me to click to fix it.
I don't have MSE and an AVG and Windows Defender scan found nothing.

A bit disconcerting but is this another scam?

Yes,

It will probably install more problems, and will want $$$$$$ for a prog to fix??? it

almost certainly a fake
Some of them are getting very beleiveable

See below, read down the forum a bit to see the correct answer( ignore the first one)


I am receiving a MicroSoft Security Essentials alert that has isolated - Microsoft Answers (http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/i-am-receiving-a-microsoft-security-essentials/b01132a5-752a-4e10-b8f9-27c453ae1b8b?msgId=dda78d63-7605-4531-9501-31b9c90ff4e8)

Thanks,
I had never seen this one before and it is a bit disconcerting that according to the thread a"driveby" can bypass normal security.

thats why using Firefox with AdBlock plus and No-Script makes a lot of sense - the infective scripts are blocked
Adding Spybot S&D and Spyware Blaster may also help, but the problem is that blocklists such as those can never be totally up to date

My father got this on his laptop a couple of days ago. Luckily he had the presence of mind to call me before going any further.

renfrew, it doesn't so much bypass security measures as use social engineering to convince the user to install a program. That's the purpose of the bogus MSE message - click the message, download the program and agree to run it.

Yes and I hastily closed down my pc as soon as the popup appeared.
But how does the popup get there in the first place?
The thread says it can come through any ad on a website.
I would have thought thet Microsoft would have the resources to go after someone using their name but it seems to have been around for several years.

Same as any other pop-up you get when visiting a website if you don't block them.

Ads are a very likely source as websites usually don't host the ads that appear on their site. They effectively rent out their ad space to a third party who supplies the ads. Think Google ads.

There might be another layer or two before you get to the actual server supplying the ad and if that server has been hacked you can get a dodgy ad served up to you through a reputable website.

It's not any one person/organisation that's doing this and they're rather hard to track down - they aren't sitting in London or New York using their own Internet connection.

Just to add,there are now numerous complaints on Flyertalk about this.
Flyertalk apparently can't trace where it is coming from.

I would have thought thet Microsoft would have the resources to go after someone using their name but it seems to have been around for several years.

They do take it seriously and do put time, effort and money into fighting the worst offenders.

However there are two issues :

(1) Its a cat and mouse game. It is not particularly difficult for new offenders to startup operations. If Microsoft chased after everyone it would be like a dog chasing its own tail, hence they have no choice but to prioritise. They've got a strong brand with a large install base and hence make an attractive target for all sorts of mischievous activities.

(2) Much of their effort relies on collaboration with various aspects of the legal system in order to trace the offenders. The problem is that certain jurisdictions (predominantly in the Far East) have a tendency to turn a bit of a blind eye to electronic offenses, or at least are not a particularly helpful collaboration partner.

there are now numerous complaints on Flyertalk about this

There are numerous complaints about most things on Flyertalk.... :E

(e.g. there was a 10 page rant thread on there the other day about the First class BA lounge being "too busy")

Its simple
As long as
1) people don't learn to protect themselves on the internet by using appropriate safety tools, and by practicing safe browsing
and
2) people expect internet content to be FREE, so requiring adverts to pay for the content
then we will never be free of this kind of thing

If you use software which protects you from adverts, popups and scripts you'll be safe. If you don't, you won't

Pretty much what Milo said apart from to point out that there are other browser based attack vectors other than popups and banner ads.

Internet Brands which owns Flyertalk(and PPRune?)still can't trace where this is coming from after 10days.
It apparently involves an IE vulnerability so Chrome is safe to use.

To someone like me with no computer savvy it seems very poor that a major site cannot keep things safe.

After nearly 2 weeks Internet Brands couldn't reproduce this fault never mind trace where it was coming from.
An ordinary punter eventually told them what to do to get rid of it.