Hi, I am using Safari 8.0.3 on Macbook Air with Yosemite OS. For past few days I am not able to open any website connected google id. Instead, I am asked to update my flash player, whereas Adobe shows my flash player updated. What's wrong? Need help.
MacBook Air, OS X Yosemite (10.10.2)
The update alerts are fake, and are intended to dupe you into installing malware or disclosing private information so that your identity can be stolen.
You might get the alerts when visiting a website that has been hacked. Don't visit the site again. If applicable, notify the site administrator of the problem, but don't send email to an unknown party.
If you get the alerts when visiting more than one well-known website, such as Google, YouTube, or Facebook, then they may be the result of an attack on your router that has caused you to get false results from looking up the addresses of Internet servers. Requests sent to those sites are redirected to a server controlled by the attacker. It's possible, but less likely, that the DNS server used by your ISP has been attacked.
Back up all data.
Unlock the Network preference pane, if necessary, by clicking the lock icon in the lower left corner and entering your password. Cllck Advanced, open the DNS tab, and change the server addresses to the following:
8.8.8.8
8.8.4.4
That's Google DNS. Click OK, then Apply.
In Safari, select
Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data
and confirm. If you’re using another browser, empty the cache. Test. If the fake update alerts stop, see below. Otherwise, ask for instructions.
The router's documentation should tell you how to reset it to the factory default state. Usually there's a pinhole switch somewhere in the back. It may be labeled "RESET." Insert the end of a straightened paper clip or a similar tool and press the button inside for perhaps 15 seconds, or as long as the instructions specify.
After resetting the router, quit the web browser and relaunch it while holding down the shift key. From the Safari menu bar, select
Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data
and confirm. Do the equivalent if you use another browser. Open the Downloads folder and delete anything you don't recognize.
Then go through the router's initial setup procedure. I can't be specific, because it's different for every model. The key points are these:
1. Don't allow the router to be administered from the WAN (Internet) port, if it has that option. Most do.
2. Set a strong password to protect the router's settings: at least ten random upper- and lower-case letters and digits. Don't use the default password or any other that could be guessed. Save the password in your keychain. Any password that you can remember is weak.
3. If the router is wireless, or if you have a wireless access point on the network, use "WPA 2 Personal" security and set a different strong password to protect the network. If the router or access point doesn't support WPA 2, it's obsolete and must be replaced.
During the time the router was compromised, you were redirected to bogus websites. If you ever connected to a secure site and got a warning from your browser that the identity of the server could not be verified, and you dismissed that warning in order to log in, assume that your credentials for the site have been stolen and that the attacker has control of the account. This warning also applies to all websites on which you saw the fake update alerts.
Check the router manufacturer's website for a firmware update.
If you downloaded and installed what you thought was a software update, ask for instructions.
The update alerts are fake, and are intended to dupe you into installing malware or disclosing private information so that your identity can be stolen.
You might get the alerts when visiting a website that has been hacked. Don't visit the site again. If applicable, notify the site administrator of the problem, but don't send email to an unknown party.
If you get the alerts when visiting more than one well-known website, such as Google, YouTube, or Facebook, then they may be the result of an attack on your router that has caused you to get false results from looking up the addresses of Internet servers. Requests sent to those sites are redirected to a server controlled by the attacker. It's possible, but less likely, that the DNS server used by your ISP has been attacked.
Back up all data.
Unlock the Network preference pane, if necessary, by clicking the lock icon in the lower left corner and entering your password. Cllck Advanced, open the DNS tab, and change the server addresses to the following:
8.8.8.8
8.8.4.4
That's Google DNS. Click OK, then Apply.
In Safari, select
Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data
and confirm. If you’re using another browser, empty the cache. Test. If the fake update alerts stop, see below. Otherwise, ask for instructions.
The router's documentation should tell you how to reset it to the factory default state. Usually there's a pinhole switch somewhere in the back. It may be labeled "RESET." Insert the end of a straightened paper clip or a similar tool and press the button inside for perhaps 15 seconds, or as long as the instructions specify.
After resetting the router, quit the web browser and relaunch it while holding down the shift key. From the Safari menu bar, select
Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data
and confirm. Do the equivalent if you use another browser. Open the Downloads folder and delete anything you don't recognize.
Then go through the router's initial setup procedure. I can't be specific, because it's different for every model. The key points are these:
1. Don't allow the router to be administered from the WAN (Internet) port, if it has that option. Most do.
2. Set a strong password to protect the router's settings: at least ten random upper- and lower-case letters and digits. Don't use the default password or any other that could be guessed. Save the password in your keychain. Any password that you can remember is weak.
3. If the router is wireless, or if you have a wireless access point on the network, use "WPA 2 Personal" security and set a different strong password to protect the network. If the router or access point doesn't support WPA 2, it's obsolete and must be replaced.
During the time the router was compromised, you were redirected to bogus websites. If you ever connected to a secure site and got a warning from your browser that the identity of the server could not be verified, and you dismissed that warning in order to log in, assume that your credentials for the site have been stolen and that the attacker has control of the account. This warning also applies to all websites on which you saw the fake update alerts.
Check the router manufacturer's website for a firmware update.
If you downloaded and installed what you thought was a software update, ask for instructions.
Trillion of thanks, Linc. All is working fine now. I saw a new unidentified entry in the list of DNS. Could that be the culprit?
If you reset the router as suggested, you should be OK now. But if this happens again, the router is inherently insecure and must be replaced.
Safari not responding to several sites
