cancel
Showing results for 
Search instead for 
Did you mean: 

IE 8 users hijacked by fake virus scanner ads

In my corporate office, I have several office staffs who unwittingly clicked on virus scanner ads, believing that their system is infected with virus. They come to me afterwards to help them clear their system of spyware and viruses...

Most of the time, I see user's IE 8 getting hijacked by these programs such that browsing will be randomly re-directed to some IP addresses or another location. Uninstalling and re-installing IE 8 did not help.

Any experts here can advise - What is the best way to prevent ignorant users from clicking these fake ads in the first place? Pop-up blocker does not work 100% of the time. It will be good if some form of program prevents these ads from coming or preventing them from changing the registry and hijacking IE.

1 Reply
Highlighted
Regis
Level 12
Report Inappropriate Content
Message 2 of 2

Re: IE 8 users hijacked by fake virus scanner ads

A multi tiered approach will involve site blocking (web proxy gateway device or desktop equivalent), a strong patch management policy  that INCLUDES POPULAR WEB PLUGINS LIKE JAVA FLASH AND ACROBAT READER, as well as Windows and Office updates,  and current AV protection that includes periodic full scans (it's amazing how much on-access scanning misses, as well as user education about threats and trying to get them aware enough to not just blindly click on everything.

Try to roll IE9 in as soon as it becomes production and you've tested it in your environment -- it does very well against socially engineered malware:

http://www.infoworld.com/t/application-security/internet-explorer-trounces-rivals-in-blocking-social...