Scam watch: fake verification pop-up

My first thought was that the butcher’s website had been attacked. If it was the customer’s computer it would happen each time they made an on-line payment via Mastercard or Visa.

A MitM attack can only occur if the ‘man’ in the middle is able to successfully impersonate both endpoints, something that two sites communicating over TLS using certificates from a trusted Certificate Authority render a virtual impossibility. So assuming this was over HTTPS using a modern Web browser I would suggest the issue is most likely on the client endpoint, e.g the victim’s PC

William has a point , its probably a java script popup , not a virus in your computer thats why I also have a comprehensive java script blocker but it has a downside many websites wont display properly and some just give a blank screen but I also have other browsers if I want to access proven good websites .

Joe I am trying to understand your post before I reply . If you watch my posts I say many times I do not use Internet banking -Paypal or any other electronic transmission of funds through the web. No such thing as Free could you elucidate for me ? If a digital software designer designs virus/malware protection software that competes with BB versions are you saying that its okay to block their website ? Especially as this designer designed the ORIGINAL piece of software , I know full well github is hated by BB and commercial interests but they arent ripping off other people the designs are original by the original owners / designers of the software not stolen from BB , its quite the other way around . Are you defending restriction of Internet use in the case of FREE software that belongs to the original designers ? In that case you would be approving a monopoly system worldwide . Lets get it straight – we are not talking of porn websites , although western government dont block them for some reason nor are we talking about scamming/hacking / building nukes / parcel bombs etc- “”terrorist ” acts we are talking one thing GREED , AVARICE/ Monopolizing /control of the public you are certainly aware of this government telling ISP,s to censor/block political websites or websites speaking the truth , they have been doing it for years but now with the Snooper Charter going through the House of Lords , even they are unhappy about it as it gives GCHQ unlimited powers of intrusion I wont go into what they can do as it would upset viewers but its comprehensive to say the least far surpasses the NSA /FBI.

As regards “free software” there are two kinds of “free”.

“free” as in free beer or as in a free lunch: no charge is made for the use of the software, but you don’t get to own the copyright of the version you download and the free version may be there to encourage you to spend money in other ways, e.g. free antivirus software may be there to encourage you to upgrade to a paid-for version.

“free” as in free speech. You can download the software and all of its source code, so you can know exactly how it works and what it does (and see if it contains any malicious code). You can (usually) also modify and distribute copies, so long as you continue to honour original licence conditions, including the ones about releasing your modified source code. You may have to pay for this kind of software – or it may also be free, as in free beer.

Those of us who have to write software as part of our day jobs, do like to take a pay packet home each month. So we generally don’t work for free, even though we may sometimes be able to release free software, when this is consistent with our overall objectives.

Derek I have no problem with software engineers being paid for their work/designs and most people buy paid for versions as they feel they get more comprehensive protection . I stlll have a paid protection on my now disused Win 7 Prof part of my PC , its got a year or more to run . The problem with it is in its haste to become part of the Windows system – guess what has happened ? MS now controls it , not me. Github not only help with free scanners but I have a comprehensive app that has -135,255 network filters on it + 63,077 cosmetic ones , most updated by github + another github/EFF recommended app that is now blocking 14 short of 500 trackers + others . Posters wonder why their details are known Derek , i am sure you know why , the companies concerned are very blatant about it , big flashy websites boasting about their ability to track to source in the US. Even my 6 security apps are stretched and I need others like HTTPS everywhere /Clean LInks and more besides and most of them arent for hackers they are to prevent diversion and getting hit with massive advertising , its a world of a difference not being blasted with popups , moving ads etc, etc. Why should the public be forced to put up with that ?

Derek ,as you mentioned open source and malicious code I think you might be interested that the IoT bot – Mirai has just gone open source, This is the one I posted about when answering a poster on not getting “smart meters ” . I found it hard to believe at the number of household electrical, items in the US that are now wi-fi Internet attached with many complaints due to easy access by this virus . I had a look at a tech website with a live -full screen Mirai attacks shown in target “hits ” as in nuked , and yes in the 3 minutes I watched it England had 4 attacks -Eire -1 .

Surprise-surprise Derek, it seems the Government doesnt agree with you about open source and github . Guess who has taken a github account ?- – GCHQ with its “Gaffer ” programme , check it out.

Actually Duncan, I did not express any views on github.

All I did in my post above was reply to JoeBloggs, to contribute what free software meant to me – both as an author and as a user.

Regarding open source software I did find a gov.uk webpage that said:

“Where appropriate, government will procure open source solutions. When used in conjunction with compulsory open standards, open source presents significant opportunities for the design and delivery of interoperable solutions.”

and also some 2015 press releases highlighting the acceptance of LibreOffice for use in UK government projects.

Zouk , put it this way , you are a lot more secure than other methods of entering your code . A one -time code is generated that is not held in the machine . Your card reader could be -in THEORY – counterfeit, modified, or infected with malware but all things being equal , if you dont lend it out , let the family use it etc then its pretty safe , nothing digital is guaranteed 100 % safe . BUT it could be scammed NEVER , and I mean ,NEVER , RE-SYNC your device , I dont care who tells you when you are online a reputable bank wont ask you to do that. One flaw is that there have been cases of fraud by card-reader where the customer loses liability protection and YOU end up paying ,not the fraudster. But all-in-all –yes you are better protected than others.

Key pads (as opposed to card readers) are possibly more secure, since they have on-chip algorithms which calculate a prime number based on the time you use it, the number of times you’ve used it previously and the prime base number in question. Because the internal chronometer on the card is synchronised with the bank’s clocks, you should get a unique code each time that will only work at the time you choose it, or close to that time. But, as Duncan sagely notes, nothing digital is ever 100% foolproof.

MLD – as you are not (your words ) “a techy ” download -from Malwarebytes website only- malwarebytes.com/antirootkit/ — install it and run it and take its advice or – kaspersky virus removal tool – support.kaspersky.com/viruses/kvrt2015 . IF MS block them from being installed let me know or it could be a virus blocking installation . Do this FIRST and then get back. If others have problems with Virgin,s website then its a general thing but if only you have a problem then -yes – you have malware. Try another computer just to verify.