# Scam ad



## Thor (Oct 31, 2011)

The TAM page was replaced with one of those scams "a virus has been detected on your computer, immediate action necessary" telling me to "click here". I was on the Trump whistleblower thread.


----------



## Marduk (Jul 16, 2010)

Thor said:


> The TAM page was replaced with one of those scams "a virus has been detected on your computer, immediate action necessary" telling me to "click here". I was on the Trump whistleblower thread.


I wonder if it could have been one of the videos posted or some such thing?


----------



## EleGirl (Dec 3, 2011)

Thor said:


> The TAM page was replaced with one of those scams "a virus has been detected on your computer, immediate action necessary" telling me to "click here". I was on the Trump whistleblower thread.


This most likely came from one of the ads displayed on TAM or some other site. If you can ever get a screen shoot of the ads displayed at the time this occurs it would help to figure out which ad is the culprit. 

Almost all browser based tech support scams can be closed by opening Windows Task Manager and ending the browser process.


----------



## Thor (Oct 31, 2011)

It is still happening. Yesterday and then again twice already today. I will to get a screen shot of the ad.


----------



## rockon (May 18, 2016)

Got the same thing yesterday but was for local single Muslim woman. Huh??


----------



## minimalME (Jan 3, 2012)

These are screenshots I took at the end of September. 

I put the ad blocker back on that @EleGirl had recommended, and that took care of them.

I edited the images to remove my personal information, but if you need to see the address bars, let me know.


----------



## Administrator (May 8, 2013)

I would like to get the full address of the page next time anyone sees it. Copy everything it gives you and send it my way

Kevin


----------



## Thor (Oct 31, 2011)

I tried to screen shot the page but it reverted to another page so I closed the browser. I did notice it happened when the cursor moved over a Dell computer banner ad at the top of the screen.


----------



## Thor (Oct 31, 2011)

I was able to capture these 2 urls. There were several that sequenced.

This url was the ad that showed and then played a robot voice along with it. 
https://0fficial.info/l/Mac/UpdMe/_...20e60&language=en-US&img=sys2&uclick=17gxa1m7

This was one of the urls when trying to back-page. I don't think it was the first url but I couldn't grab that one. 
http://r800r.tracking.blue/redirect...ML3gaAioQLppBRbjHVrYQ2B6SasnQA5kssco7waE&rm=D


----------



## badsanta (Oct 13, 2014)

Thor said:


> It is still happening. Yesterday and then again twice already today. I will to get a screen shot of the ad.


If you disable javascript, it will solve all your problems. Chrome allows you to do this just on specific websites so that you don't have to break the whole internet to visit and post here. Doing so disables your ability to like, quick reply (preview it first and then it will reply), see notifications and use advanced formatting with replies, but everything else here runs as smooth as butter.


----------



## Administrator (May 8, 2013)

We're working on trying to get the root cause of this ironed out guys. Thanks for the patience, and if anyone gets one of these with a non-mobile device, please let us know. There is some info you might be able to provide that could help us

Kevin


----------



## Thor (Oct 31, 2011)

It is always on an imac desktop for me.


----------



## Administrator (May 8, 2013)

Interesting. Which browser? Safari?

Kevin


----------



## minimalME (Jan 3, 2012)

For me, it's in Safari on my MacBook Pro.


----------



## Marduk (Jul 16, 2010)

Just a heads up folks... at home, I’m running router-level ad blocking’s didn’t filtering, DNS level filtering, and none of the accounts on my home macs have admin access... so even if something sneaks through, nobody but me can actually install anything. 

I’ve had one virus sneak through, a weird scripting thing, but that’s it. Was easy to detect and clean. But running multiple layers of protection helps.


----------



## Lila (May 30, 2014)

@Yungster:

Here's another redirect. I just started getting this on TAM. Running is on PC (Windows 10) on Chrome. 

http://happy.goodluckspace.com/bonu..._name=Desktop&tablet=4&rheight=768&rwidth=768


----------



## Thor (Oct 31, 2011)

Yungster said:


> Interesting. Which browser? Safari?
> 
> Kevin


Safari. Running Ad Block Pro and have popups disabled.


----------



## Administrator (May 8, 2013)

Lila said:


> @Yungster:
> 
> Here's another redirect. I just started getting this on TAM. Running is on PC (Windows 10) on Chrome.
> 
> http://happy.goodluckspace.com/bonu..._name=Desktop&tablet=4&rheight=768&rwidth=768






Thor said:


> Safari. Running Ad Block Pro and have popups disabled.


Next time you anyone using a Mac and Safari gets this, please follow these steps.

1. Open the Develop menu and select Show Web Inspector. (If you don't see the Develop menu in the menu bar, choose Safari > Preferences, click Advanced, then select “Show Develop menu in menu bar”.
2. Click the Network tab
3. Click the download icon (the arrow pointing down icon) and save the web archive file.
4. Let us know you have the file and we'll contact you by email so you can send it to us (site won't support the file type you'll have)

I hope that make sense. I'm not a Mac user myself, but I ran it by a co-worker who is, and they helped me iron it out

For Chrome, try and follow these steps

1. Hit F12 to open the Developers Menu
2. Click on the "Network" tab
3. Make sure your browser is recording. The circle icon at the top left corner of the menu should be red. Click it if it isn't to begin recording.
4. Navigate around the site until you get the popup. Once you've done that, right click anywhere on the list that loads and click "Save all as Har with content"
5. Once you have the file, let me know and I'll give you the email you can use to send it our way

Kevin


----------



## uhtred (Jun 22, 2016)

Seeing scam popup adds on chrome, windows 10, private browsing Very frequent


----------



## 20yr (Apr 19, 2019)

I am getting popups from this site:

http://happy.luckyparkclub.com/bonus/com


----------



## Administrator (May 8, 2013)

Hi all, 

Thanks for reporting these, we're working on getting all of these handled. When sharing the more information you can give us, the better we can treat it. Your device, browser, active add-ons, the URL redirect, screenshots, and the HAR file. You may not be able to grab it all, but the more you give us the more accurately we can tackle these issues. PM us if you have the HAR, or if you don't feel comfortable sharing it here. We hope to resolve this for you soon.

Gerrit


----------

