The ongoing fraud based on deceptive “Message from webpage” alerts is aimed at ripping off computer users, so learn a way to get rid of these nasty popups.
The Internet is an opportune soil for scams, where users get social-engineered into paying for something inexistent or handing over their sensitive credentials. The scenarios are miscellaneous. Some people fall victim to spear-phishing attacks, gullibly entering e-banking passwords into pages that are replica of authentic logon screens. Some pay up in a bid to claim a prize they never actually get in the long run. In one of the newer hoaxes around, the criminals are encouraging users to call a certain telephone number in order to disable popup ads. The irony of the matter is that the exact same fraudsters installed the ad-generating software in the first place. This tricky compromise involves browser redirects to malicious pages like www.qftlt.com, which is a turning point in the entire hoax. The script running on the landing site displays a misleading popup alert titled “Message from webpage”.
The text in the above-mentioned notification may vary, but most of the time it says the following:
Are you sure you want to leave this page?
Important message for [area name] Internet users. It appears that your computer and Internet browser have pop up software enabled.
Please call toll-free to disable pop-up ad software now: 1-877-625-8106
Apparently, the rascals are encouraging users to dial the phone number indicated on the warning dialog. Why? In order to wheedle the person out of a fee and, quite likely, out of personally identifiable data. Both are unwanted and potentially dangerous outcomes of such an interaction.
This assault can only be deployed as long as there is an active malicious application on one’s computer. The hijacker, which is usually installed as an inconspicuous component of an intricate bundle, executes a routine where web browsers begin defaulting to www.qftlt.com or copycat pages. Custom settings like the homepage, search and new tab are the ones typically affected along the way. Subsequently, the functioning of “Message from webpage” virus is a matter of these unguided redirects that result in the popups constantly going off. The fix has nothing to do with the toll-free call that the swindlers push so importunely. What does help is a thoroughgoing malware removal procedure.
Automated removal of “Message from webpage” virus
Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:
1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button
2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.
Use Control Panel to get rid of “Message from webpage” virus
• Open up the Control Panel from your Start menu in Windows and select Uninstall a program
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar entry under the Name column, click Uninstall and follow further directions to get the removal done.
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by “Message from webpage” virus.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
• Follow subsequent directions to reset Firefox to its original settings
• Restart the browser.
Reset Google Chrome
• Open Chrome, click the icon for Chrome menu and choose Settings
• Scroll down the settings screen and click Show advanced settings
• Click Reset settings
• Finally, confirm the restoration by clicking Reset on the warning message
• Restart Chrome.
Reset Internet Explorer
• Select Internet options under IE’s Tools
• Proceed by clicking on Advanced tab, then select Reset
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
• Reboot the machine to fully implement the fix.
Revise your security status
Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.
- Petya ransomware removal and system recovery (upd. June 27)
- Sorebrect ransomware – fileless malware exploits PsExec utility
- Remove MOLE02 ransomware virus and decrypt .mole02 files (upd. June 15)
- Erebus ransomware infects Linux web servers in South Korea
- Decrypt .master ransomware files – BTCWare virus variant