Fake Squarespace Site / Fake Download / Fake Tech Support
One client tried to visit Squarespace today to update her Web site. She got a pop-up warning her that something was wrong with her account and directing her to call a toll-free number, which she did. The person at the other end attempted to persuade her to give him remote access to her computer. She declined, but she kept getting the pop-up warning. When I examined her computer, I found (as I had guessed) that she had mis-typed "Squarespace" — she had scrambled a couple of the letters, which led her to a site whose name was almost Squarespace, but which was actually a scam site.
Visiting the scam almost-Squarespace address causes the Web browser to redirect to one of several different scams. One site contains the admonition to call that toll-free number. Another displays a fake pop-up window that says you need to update Flash Player on your computer. (Flash Player allows the display of certain animated and interactive content on Web sites.) Clicking "cancel" still causes a download to begin. The small print at the bottom of the page says the installer will also include pesky "adware" programs that threaten your computer security and are hard to remove.
We've reported the fake almost-Squarespace address to Squarespace (which was not aware of it when we first reached out), Google, Sophos Antivirus, Firefox/Mozilla, StopBadware, and the Federal Bureau of Investigation.
The fake tech-support scam is quite widespread and dangerous and its perpetrators are very persuasive — so much so that even I fell for this scam a few months ago. I allowed the criminal at the other end to access my computer; when I noticed that he was rooting around in my private files, I turned off my WiFi (the only way to boot him off of my machine) and deleted the software that let him control my device. He phoned me several times attempting to persuade me to grant him access again, until I told him I had reported him to the FBI. (I reported the almost-Squarespace scam to the FBI tonight, and to Google, Firefox, Sophos, and other services that block scam sites.)
Often, these fake tech-support folks reach out to victims by telephone, saying they are from Microsoft Support or something similar and that they have detected a virus on your computer. My partner has gotten several such calls at her office. In fact, this scam is widespread enough that the Federal Trade Commission has published an alert about it. If anyone calls you, or you get an e-mail or on-screen pop-up, claiming your computer is infected, that is almost certainly a scam. Almost all infection monitoring is done by software installed on your computer, not remotely. (If you'd like, I can help you install and update security software, identify and get rid of infections, and fix other technical issues.)
Meanwhile, we learned today that hackers are on a tear defacing WordPress Web sites — one source says more than 60,000 sites have been defaced, and another says more than 1.5 million pages on 39,000 sites have been messed up just this week. The attackers are using a vulnerability that was fixed in WordPress 4.7.2. If you have WordPress 4.7 or above, it probably has automatically updated itself to 4.7.2, but earlier versions may not auto-update. Check your WordPress version (log in to your site's dashboard and click the WordPress "W" icon at top left); if it's older than 4.7.2, you'll want to update, but first back up your current installation, because sometimes updates will cause your Web site to go offline and there may be no ready way to recover it other than to reinstall the older version, then fix the problem there before updating again. (Some Web hosts automatically keep nightly backups for you, either as part of the basic service or for an extra charge.) I can help with these issues if desired.
I am currently booked solid with tight-deadline projects for several clients, so unless you are facing an immediate problem (infected computer or defaced Web site), it may be a week or so before I can get to you, so if you will want my help, I recommend reaching out soon to get on my calendar.