Innocent looking webpage hides malware – A true story – 05/25/22
It was just another day for an MRU staffer. He was fielding calls and sorting through emails when he received an invite to a conference. He just needed to double check the session time. However, it was listed with a different time zone than his. It was early in the morning and his brain wasn’t fully functioning so he was unable to covert the time in his head. He Googled “time zone converter” and clicked the first link listed in the search results.
As soon as the webpage loaded, mayhem erupted on his computer. Three hundred and seventy four pop-ups appeared. Big scary alerts with flashing arrows pointing to a button said he had a virus. Click here said the button to remove the virus. You must click NOW flashed across the screen. Everything that could light up and flash was lit up and flashing. His computer screen looked like a slot machine that was about to pay out, only this pay out was malware not money.
He started to panic. He thought, “What do I do, what do I do? What did Bernadette say to do in training”. Then he remembered the first step.
Don’t touch anything
“Okay”, he thought, “I wont touch anything. what did she say to do next?”
Disconnect from the Internet
“Right.” He dug around behind his computer and yanked the network cable out from the back of it. “Okay, what is next?”
Contact the IT Service Desk
He picked up the phone and called the Service Desk. It took almost no time at all and a technician was there checking his computer. Thankfully, there was no harm done. Because he had followed his training and did not click on anything on the webpage the malware was never loaded onto his machine.
He was immediately grateful for the training he received. Had he forgotten to not touch anything on the screen, he would have lost a lot of his day and his data, getting his computer reimaged. While he knew the training was helpful, he didn’t realize just how much until he found himself experiencing a cyberattack. He was so glad he had taken his annual training. He was never going to consider it a waste of time again.
To be as safe as possible, I would disconnect from WiFi before you do anything else. Once you are disconnected from WiFi, you can close your browser window if you are at home and the Service Desk isn’t available and still be fairly safe. I would avoid closing any other windows though and I would definitely leave the pop up windows alone. Closing the browser window should be sufficient. A restart isn’t necessary nor recommended as viruses can alter your anti-virus software during start up. Instead, I would run a virus scan and see if something comes up. Of course this is only if you are at home. If you are on campus, leave everything for ITS to sort Thanks for sharing your story Richard and asking such a great question.
Great story. That sort of thing happens a lot. When it happened to me, I was connected to the Internet via WiFi rather than a network cable. I just shut the window that the warning had come up on and restarted the computer. That worked — or, rather, perhaps, it seemed to and something is still lurking in here. So my question is, Is that enough? Or should I have gone to the settings, for example, and shut off the WiFi before I did anyting else?