Perils of Online Pornography Pop-ups

posted by
Filed under: Fraud and Deception

Hidden Dangers in Visiting Porn Sites
By Jordan Robertson
AP Technology Writer
November 28, 2007

GunpointSan Jose, Calif. (AP) — Online pornography hunters’ Internet adventures are already fraught with danger from malicious code many porn sites use to commandeer visitors’ machines or steal personal data.

Now comes a scheme some researchers say amounts to extortion: One site’s threat to disable visitors’ computers with relentless pop-up ads if they don’t pay for a subscription they were automatically signed up for after a free trial.

The threats, reported this week by researchers at security vendor McAfee Inc.’s Avert Labs, affect people who visit the Web site and download software to access a free three-day trial membership.

Visitors do get free access for three days, but the download includes code that then generates a stream of pop-up windows, when the user is online and offline, demanding payment of roughly $80 for 90 days’ worth of additional access.

The windows stay open up to 10 minutes and appear once a day. They appear on top of any open windows and restore to their original size if shrunk or moved, making them impossible to ignore. They also reappear if the computer is rebooted.

The site actually warns visitors they will be billed as full members – and lose full use of their computers if they don’t – unless they cancel the subscription within the trial period. But the warning appears in the full terms and conditions statement, which downloaders aren’t required to read.

Once the fees are paid, the software can be removed with a special file.

“What it appears they are doing is, in my humble opinion, a form of extortion based on the (usually correct) assumption that a person’s computer will be key to many other activities in their daily life,” McAfee researcher Seth Purdy wrote on the Avert Labs blog.

Photo: GiddleBits