Can I get a virus from a Web page?

Published on: February 27th, 2015

The short answer is yes.  This can actually happen a couple of different ways.   There are actually sites that sole and only purpose is to distribute malware.  However even valid/legitimate websites can also become “poisoned”.  A poisoned website is just a website that a been infected with malware.
As a user just browsing the web going to one of your favorite website, maybe its a site for a scuba shop or custom jewelry, you go to this site frequently and you know its not a bad site.  Then one day out of the blue something different happens, an odd popup comes up.  Maybe it claims to have found a virus or a few thousand infected files.  Maybe, it claims your hard drive is going to fail.  Maybe it says to view this you need to install or update something.  Maybe it gives you some error message in white letters on a blue screen (what might by mistake for a Blue Screen of Death).  Those are just a few examples of some false messages a bad or poisoned site might show.  Many of those false message might even look like they came from company that you know or have heard of.  Some have and can mimic real programs.  All of this to play on your fears and naivety.  All to trick you in to the next step – clicking ok, yes, accept, install, next – or whatever.  Anti-malware programs at this point have a huge problem in being able to detect many of these to protect you.  From what the Anti-malware sees in many cases it looks just like any other webpage doing things a website should do.

There is good news however
As long as you have not clicked that button to do whatever action (install, scan, fix, ok, yes, next, run, etc.) they want you to do, at that point it is just a webpage.   Just Close the website.  If you cannot close it by normal means try closing with the keyboard shortcut (See chart below). If that does not work force it closed.

[ezcol_1third] Close with keyboard shortcut
Force close [/ezcol_1third][ezcol_1third] Windows Users
alt+f4
Press Ctrl+alt+delete, Select Task manger, highlight the browser, click “end task” [/ezcol_1third][ezcol_1third_end] Mac Users
Command+Q
Click the Apple upper left, select “force quit”, highlight the browser, Click “Force Quit”[/ezcol_1third_end]

Then do not go back to the site.  When you reopen the browser, you might be prompt to reopen the pages that where open when the browser was forced closed, you do not want to do that.  If the site was something that you just happened upon by doing a web search than just move.  If it is a sight you visit regularly and have an alternate method of contacting the site owners, I am sure they would appreciated the heads up that their site was poisoned.

Some things user can do as a prevention to malware:

• Get a good antimalware program and keep it updated
• Keep your operating system updated
• Keep your browser updated
• Keep Java Updated
• Keep Flash Player Updated
• Don’t be a positive happy clicker – It is Ok to Say “No”.  If you don’t know what or why your being prompted to do something, say no until you can figure out what it is.
• Avoid “Free programs”  – The major of malware we see comes included with “free programs”
  -this can be free games, Free utility programs promising to make your computer fast, free screen savers, free coupon or rebate finders.

Website owners you (or web person) have an on-going job of maintaining your site to prevent getting poisoned too:

• Make sure the password to your sites ftp and control panel is a strong one
• Make sure the web hosting company is keeping up with the updates to the servers OS, PHP, perl, and MySQL
• Backup your site daily – even if you have not changed it.
• If you are using something like Joombla, WordPress, Modx, etc. as a CMS (Content Management System) keep it updated.
• Sign with Sitelock or add an antimalware check to site.  Most major Anti-mail companies have something for websites as well.
• Regularly go out to your site and make sure everything is still good.