Michelle Basic

Q: Might have clicked something I shouldn't have... Advice please!

A Window popped up on my browser (latest version of chrome on a MacBook 2015 using latest OS) looking like a legitimate survey from my ISP. I had recently had issues with them and my alarm bells didn't go off quickly enough. It was curious that this window appeared without an email but it didn't fully register because my ISP has pop up warnings -apparently. I have NEVER had a pop up - but - due to some email issues, my firewall was down and I forgot to put it up again.

 

So, as the fog cleared I had already clicked through the survey and it offered a free gift and that's when i realized I should have shut the window immediately. I entered NO info, never filled out a form nor did I download anything. I installed Malwarebytes for Mac and it came back clean.

 

My concern:  Could I have gotten something malicious like a key logger or some other identity stealing malware just by clicking the survey? I think they call it a drive by?

 

I am a meticulous user of time machine so I have a 99% complete backup of my system on external hard drive. Should I scorch the earth just to be safe?

MacBook Pro with Retina display

Posted on Sep 26, 2016 11:35 AM

Close

Q: Might have clicked something I shouldn't have... Advice please!

  • All replies
  • Helpful answers

  • by John Galt,Helpful

    John Galt John Galt Sep 26, 2016 1:43 PM in response to Michelle Basic
    Level 8 (49,683 points)
    Mac OS X
    Sep 26, 2016 1:43 PM in response to Michelle Basic

    ... I entered NO info, never filled out a form nor did I download anything.

     

    Then you have no reason for concern.

     

    Could I have gotten something malicious like a key logger or some other identity stealing malware just by clicking the survey?

     

    No. A keylogger for example requires authentication to install.

     

    The survey was a ruse attempting to get you to reveal personal information. Many varieties of that scam exist. They are remarkably successful, but you didn't fall for it. No additional action is required, or justified.

     

    Consider reading some of these User Tips:

     

    Effective defenses against malware and other threats

     

    Phony "tech support" / "ransomware" popups and web pages

     

    Beware bogus Adobe Flash "installers"

     

    How to install adware

  • by leroydouglas,

    leroydouglas leroydouglas Sep 26, 2016 1:11 PM in response to Michelle Basic
    Level 7 (23,796 points)
    Notebooks
    Sep 26, 2016 1:11 PM in response to Michelle Basic
    it didn't fully register because my ISP has pop up warnings -apparently.

     

    I have never heard of an ISP present a user with a unsolicited pop-up window.

  • by VickeVireG,

    VickeVireG VickeVireG Sep 26, 2016 1:25 PM in response to Michelle Basic
    Level 1 (17 points)
    Mac OS X
    Sep 26, 2016 1:25 PM in response to Michelle Basic

    Personally, I would have seriously considered going back with Time Machine. (It depends, of course, also on what that last 1% is)

     

    How do you know that you did not download anything? I would not have been certain that there was no concern. For example, Appleinsider wrote, in this article (since you are concerned about clicking links, which you should be, feel free to visit Appleinsider yourself and search for "Pegasus"), that a malware were found which only needed the user to click a link for it to execute malicious code. Apple has patched that issue, of course, but there might be new ones.

     

    Generally, I feel very comfortable using Mac and iOS, due to the safety of those OS, but issues do arise, and Time Machine is wonderful at those moments when you panic.

     

    (There might be issues that even a Time Machine revert cannot solve, however, but I think that's very unlikely ...)

     

    Good luck!

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 26, 2016 1:43 PM in response to leroydouglas
    Level 1 (8 points)
    Mac OS X
    Sep 26, 2016 1:43 PM in response to leroydouglas

    I'm not sure if I can post links here so I'll direct you to Cox Communications browser alerts. Do a search and it will come up. Unless I completely misunderstood it, there was a Forbes article addressing it and it was considered very bad practice. Not too surprising...

  • by John Galt,

    John Galt John Galt Sep 26, 2016 3:43 PM in response to Michelle Basic
    Level 8 (49,683 points)
    Mac OS X
    Sep 26, 2016 3:43 PM in response to Michelle Basic

    It is common for ISPs to inform users if they should detect some unusual activity on your account. The information they provide could be useful, or it could just be the result of the increasing desperation of "anti-virus" peddlers to assert their relevance in a post-Windows PC era. For any information to be useful, the network activity must be identified or described in specific terms. For example, if they were to merely state "a virus exists" on your network, it would convey no actionable information.

     

    Cox appears to have partnered with "McAfee" in marketing their garbage, as Comcast has done in the past with competing products. Such things should never be installed on Macs.

     

    Using popup alerts to inform users of unusual account activity is indeed a bad practice, and it would be height of irresponsibility to suggest you should install non-Apple "anti-virus" products on a Mac in response to any alleged unusual activity. Remain vigilant of such tactics, should they be used now or in the future.

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 26, 2016 3:53 PM in response to VickeVireG
    Level 1 (8 points)
    Mac OS X
    Sep 26, 2016 3:53 PM in response to VickeVireG

    Thanks for that article. I'm grateful I was up to date before stepping in it! You've expressed the very doubt I have been feeling.

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 26, 2016 4:11 PM in response to John Galt
    Level 1 (8 points)
    Mac OS X
    Sep 26, 2016 4:11 PM in response to John Galt

    I agree, John. I am very certain this one wasn't theirs. However, that practice left me less vigilant. A mistake I plan to avoid in future!

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 27, 2016 4:25 PM in response to John Galt
    Level 1 (8 points)
    Mac OS X
    Sep 27, 2016 4:25 PM in response to John Galt

    IF I may bother you with one more concern....

     

    THe the window popped up out of nowhere in Chrome, a pop up resistant browser, and I am concerned that it takes a different level of sophistication to break in, even if they used Cox's method. I have found it difficult to educate myself on how this is done.

     

    Can anyone enlighten me? I greatly appreciate it!

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 27, 2016 5:04 PM in response to Michelle Basic
    Level 1 (8 points)
    Mac OS X
    Sep 27, 2016 5:04 PM in response to Michelle Basic

    A general layman's explanation, of course! The more I'm aware, the better I can be prepared.

  • by John Galt,

    John Galt John Galt Sep 27, 2016 5:45 PM in response to Michelle Basic
    Level 8 (49,683 points)
    Mac OS X
    Sep 27, 2016 5:45 PM in response to Michelle Basic

    No particular sophistication is required to display a popup window. To bypass a browser popup window preference requires very simple page redirect code using Javascript. Disabling or otherwise preventing Javascript from doing that would cause many websites to misbehave. Of course you can disable Javascript but many websites (even this one) just won't work without it.


    Implementing that code in a "polite" way would ask the user to temporarily allow popups.

     

    Chrome, a pop up resistant browser

     

    If you believe Google Chrome is immune from such things you have been misled.

     

    One would think Google products would not appeal to security-concious users, since they are specifically designed to harvest and upload your personal information so that it can be packaged and sold to others.

  • by Michelle Basic,

    Michelle Basic Michelle Basic Sep 27, 2016 7:35 PM in response to John Galt
    Level 1 (8 points)
    Mac OS X
    Sep 27, 2016 7:35 PM in response to John Galt

    Yup. I was misled. Yikes.... I guess I'll go back to Safari. In researching this, I did come across a lot more info on Safari. Truthfully, the whole issue of security is unsettling.

     

    I'm glad I asked. Thanks so much, John!