CNET: Clicking the "X" on spyware / malware popup windows activates threat rather than closing it

Security Center: Spyware Horror Stories
Nix the 'X'
Published 10/03/07 by: Patricia

http://www.download.com/Spyware-Horror-Stories/1200-2023-5180983.html?tag=bubble

I dabble in a high-risk area of the 'Net. I have for a long time. I am a member of several pay-to-read sites. I click links for money. That, in itself, opens me to tons of security issues. I use several different security programs; a firewall; two antivirus programs, which I enable or disable as I need to scan; three spyware programs, one always running; pop-up blockers; McAfee SiteAdvisor; WinPatrol; NoScript; and three different browsers--see? All sorts of stuff. I have been pretty lucky.

My family, on the other hand, hasn't. They have a laptop, and refuse to put anything other than the basic protection on it. When a pop-up comes up, they click the "X" to make it go away. I type Ctrl-Alt-Del to make it go away. They had a program that looked amazingly like their Internet Explorer alert pop-up telling them there was something wrong. They kept clicking to "fix" the problem. I gave up after the second day and told them to call my daughter-in-law's brother. He told them the same thing I did, and also told them what to run to remove the program, and never to click the "X" to make the program go away, since that's usually what activates it.

Now why didn't I think of that?! Oh right, because how could a 50-year-old woman know anything about computers? Sigh.

-Patricia
Peoria, Arizona

Reply from the Download.com editors:
Response by: Jessica Dolcourt

It's a sad day when the local computer guru is passed up in favor of a more authoritative-sounding voice. Their blindness is Patricia's family's loss. However, plenty of users over 50, of both genders, have seen a thing or two and are more than capable of righting computing wrongs.

The old button flip is a favorite malware trick, where the button to cancel a pop-up window or decline an unscrupulous offer is programmed to activate the threat instead of close it. Using the task manager to unequivocally close the process avoids button traps.

Patricia's participation with pay-to-read services certainly presents a higher risk than activities of your average surfer. Strong security is always a must, and so is common sense. The little you earn by following a link alone isn't worth the risk of a suspicious-looking or poorly rated link. Many programs are notorious for sending spam or withholding checks--this helpful list suggests ways to identify popular work-at-home scams.