Tech Support Scammers Target Search Ads on ISP Start Pages

Microsoft does routinely take down sites like that. It does take time to find them, and as the article states, the sites are generally able to trick crawlers and automated bots by using redirects and JavaScript. On top of that, because the sites are not malicious or hosting scannable malware directly, it's not going to set off an AV.

The sites listed in the article are pretty new.. and their established date is not necessarily their "going live" date:

upload_2019-6-26_12-59-0.png

upload_2019-6-26_13-0-38.png

Which bring us to the final problem.... Microsoft could/does kill these sites.. but they are easy enough to put right back up... right?

Why don't Godaddy, namecheap and Google fix their stuff, too? It's because they're outgunned by the quick-spam-creation of these crappy sites.

A better solution would be to fix 'browsers' so that they won't be locked up by JavaScript; limit CPU affinity to something less than 100% CPU for JS. Disallow those top-center "pop-up notifications" that require clearing before browser is responsive again, etc.

There are lots of facets to place blame, and just as many or more options to "fix" the issue.
 
My sarcasm runs rampant sometimes. I vaguely recall the claims (I believe by Mozilla & Google CEO's) that their browsers could replace AV (and maybe other measures) and be our security gatekeepers. Of course that's ludicrous on a number of levels as @phaZed points out above.
 
Back
Top