by George Taniwaki

I was surfing the web when I noticed a pop-under window appear on my second monitor. Check it out.

Warning

I clicked OK and got this pop-under window.

FakeFlashPage

Very nicely done. This is a spoofed website designed to make the visitors think they are at the official Adobe Flash Player download website. There are only a few problems I see. First, the criminals who want me to download their software didn’t bother to register a domain name and just point users to the IP address of their server. You can see the IP address in the address bar. They could fool a lot more people if they registered a domain name like flash.ly. They they could have a server name like www.adobe.com.flash.ly If you don’t look carefully, then you might think you were actually on Adobe’s site.

Second, the software product name is Adobe Flash Player, not Flash Player. Again they could fool a few more people if they included the correct product name in their pop-up window.

Finally, they misspelled “Uinstall” in the footer navigation.

Anyway, I didn’t have to see this second pop-up to know there was a problem. I knew there was something amiss as soon as I saw the message in the first pop-up window. The phrase “WARNING!” in all caps and with an exclamation point is an amateurish flourish.

All of the problems should raise flags to the user. They are obvious and sloppy errors on the part of the criminals. But I guess the type of person that would click “Install” is not very careful.

Advertisements