Monday, December 12, 2011

How can those fake anti-virus websites redirect my browser?

i'm talking about when out of nowhere, the web page you are on is replaced with one of those sites designed to look like an XP or Vista version of "My Computer" or something along those lines.



how does this happen?

i understand how it happens if you click a link or something, but how does it happen seemingly by itself?



example: today i was on a trusted forum website, typing something into a reply box and out of nowhere i am redirected to a phony website telling me that my computer is infested with thousands of viruses.



how does this happen?
[This is my boiled down version of a conference with John Graham-Cumming; 221st episode of Security Now; http://www.grc.com/sn/sn-221.htm ]



The problem is the way in which browsers "handle" JavaScript language.

When a web page is loaded that has multiple 'script assets', these can have several "script tags" and "source attributes", which say "go get this piece of JavaScript from another source."

It could be from DoubleClick, Google Analytics, or absolutely any server in the world.

These can also be assets hidden inside an "iFrame" (an unseen webpage behind what you can see).

The browser puts them all together, "on the fly", in the web page you're viewing. And they are treated as if they all came from the same place, and so can talk to each other. They can call each other's functions & variables. So they all have this equal access, running with administrator level privileges.

{{A bit like "pooled resources"}}

If one of those JavaScripts can be compromised (any one of them), it can have access to everything else, to invoke whatever has been included in the "bad" JavaScript.

There's no way of protecting it or knowing that it's from the genuine author, or confirm it's not been altered.

And JavaScript is NOT protected from the other bits of code in the page itself. It gets to do whatever it wants.



That's why it's so critical to use Firefox with "NoScript", which will stop the script until you review & approve of its involvement.

Another terrific security layer device is "Better Privacy", which blocks flash cookies...again, to stop active type of content.

Remember: allowing active scripting is ALWAYS a risk.
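
The answer above describes a page being assembled from script tags and iframes that point at many different servers. As an added example (not part of the original answer), this Node.js code inventories which outside origins a page loads scripts and frames from; the page URL, the HTML and the function names are constructed for illustration.

```javascript
// Added example: list the outside origins a page pulls scripts and frames from.
// PAGE_URL and SAMPLE_HTML are constructed sample input, not a real site.
const PAGE_URL = "https://forum.example/thread/42";
const SAMPLE_HTML = `
<html><head>
<script src="/js/forum.js"></script>
<script src="https://ads.example.net/serve.js"></script>
<script src="//stats.example.org/track.js" async></script>
<script>var draft = "";</script>
</head><body>
<iframe src="https://ads.example.net/banner.html" width="0" height="0"></iframe>
<iframe src="/help.html"></iframe>
</body></html>`;

// Collect every <script src> and <iframe src> and resolve it against the page URL.
function listActiveSources(html, pageUrl) {
  const tagRe = /<(script|iframe)\b([^>]*)>/gi;
  const srcRe = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  const found = [];
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const src = srcRe.exec(m[2]);
    if (!src) continue; // inline script: already part of the page itself
    const raw = src[1] || src[2] || src[3];
    if (!raw) continue; // empty src attribute
    let url;
    try { url = new URL(raw, pageUrl); } catch { continue; } // unparsable src
    found.push({ tag: m[1].toLowerCase(), url: url.href, origin: url.origin });
  }
  return found;
}

// Group the sources whose origin differs from the page's own origin. Each key
// is another party whose code or content the page depends on.
function thirdPartyOrigins(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const byOrigin = {};
  for (const s of listActiveSources(html, pageUrl)) {
    if (s.origin === pageOrigin) continue;
    byOrigin[s.origin] = byOrigin[s.origin] || [];
    byOrigin[s.origin].push(`${s.tag}: ${s.url}`);
  }
  return byOrigin;
}

console.log(thirdPartyOrigins(SAMPLE_HTML, PAGE_URL));
```

The regular expressions are enough for an inventory of static markup; scripts that add further script tags at run time will not appear in it.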
It looks like your browser has been hijacked and directs you to a phishing site. Run an anti-malware or antispyware program like Malwarebytes or SuperAntiSpyware to fix it.
