Is this page dangerous to my computer's health?

[shread]

My wife got into the following page. I'm not quite sure how she got there. It was in Safari. It this well known, dangerous, etc?

https://DON'TCLICK(MAYBE)19julmac11.z5.web.core.windows.net/

Thanks

 

[Scandinavian Film]

I’m not going to open that link (“hey, does this smell like poison gas to you?”), but web.core.windows.net and blob.core.windows.net are just Azure storage, and are often used by phishing campaigns to host legitimate looking sites.

 

[shread]

The link starts out "19julMac11.z5." before getting to the "web.core.windows.net" bit. "19jul" was the date; she was on a "Mac"; I'm unsure what the 11 designated, and "z5" may have been the universal time zone we're in (Eastern Daylight Time).

The page had three windows and told you audibly that your computer had been hijacked, not to shut down, and to call "Mac support" at a number on the screen. She called and reached a fellow with an Indian accent who called back when she hung up on him. It was a Safari page, with a lot of i/o disabled. I told her to shut it down. She got back into it after restarting. Quitting Safari dismissed it. In her history, the link above was proceeded by an adclick, but I didn't know how to identify that.

It seemed similar to an old Safari page from 5-10 years ago, fairly harmless if you didn't give the Indian fellow your credentials. However,, well, drivebys exist, so I asked here, wondering if anybody knew whether there might be deeper threats within it.

 

[ImpossiblyStupid]

I pulled down the page with curl, along with the hosted scripts (I'm assuming the CDN-hosted scripts are what they appear to be, but supply chain attacks being what they are . . .). Nothing jumped out at me as being extra malicious. The "scan" they do is pretty hilarious. Since they give an 800 number, the fun thing to do (since it costs them money) is keep calling them back with dumb questions about "threats" to your computer.

 

[shread]

Well, my wife didn't think the last sentance in your response was funny, but I did. Thank you very much for taking the time to check this and respond.

 

[ImpossiblyStupid]

Well, my wife didn't think the last sentance in your response was funny, but I did. Thank you very much for taking the time to check this and respond.

What's not funny about making them pay for trying to scam you?

"Oh, you gentlemen have been so helpful to me in the past, could you help me understand if my computer is under attack again?" And then go into a long rambling story about things that are vaguely computer related and/or mention things your friends/kids say is strange, or whatever! It's no P-P-P-Powerbook, but it's a way to pass a rainy afternoon.

 

[ant1pathy]

Zero percent poking fun at OP's wife.

These kinds of stories are why the iOS and iPad OS style of software installation and more "limited" access is so beneficial to so many people. The tech literacy of the kind of person who posts on Ars is not representative of the population as a whole .

 

[jaberg]

What's not funny about making them pay for trying to scam you?

"Oh, you gentlemen have been so helpful to me in the past, could you help me understand if my computer is under attack again?" And then go into a long rambling story about things that are vaguely computer related and/or mention things your friends/kids say is strange, or whatever! It's no P-P-P-Powerbook, but it's a way to pass a rainy afternoon.

The problem here is that the value of my time to carry out this crusade exceeds the cost of telephony and a call center operator by several orders of magnitude.

 

[amateurpro]

Since they give an 800 number, the fun thing to do (since it costs them money) is keep calling them back with dumb questions about "threats" to your computer.

Be aware that toll-free numbers typically have call-tracking abilities that capture caller ID information, including the phone number of the person calling. (Legitimate marketers can use multiple number to perform A/B testing, track marketing response, etc.)

So your fun thing might end up getting your phone number resold for 'fun' calls you'll receive from different scammers in the future.

 

[Hap]

Send the info to Jim Browning or one of the dozen other scam baiters. You can videos of them on YouTube. Including an org (I forget the name) that got a bunch of volunteers and some "professional" scam baiters together for two weeks of fun with scammers in conjunction with AnyDesk

 

[ImpossiblyStupid]

So your fun thing might end up getting your phone number resold for 'fun' calls you'll receive from different scammers in the future.

Good. Wastes more of their resources. Puts them in trouble for not respecting the government "do not call" list.

 

[Bonusround]

Mirror, mirror on the wall, is this thread title the most click-baity of all?