Tuesday, March 16, 2010

Pop Up Pop Unders

Okay, bloggers, we have an assignment for you today. We want you to be safe when you visit our blog and we know you want the same for your visitors. But we've been encountering blogs with a security problem the owners don't realize they have. So please read this and check your own blog before you forget.

The reason we are blogging about this today is because in recent weeks we have come across a few blogs with a pop under when we try to leave a comment. We always let the blogger know but we can't help them locate the source, other than tell them they have downloaded a widget with 3rd party code. We've blogged about that before. Before installing any widget, check the HTML. We're not experts, so the only thing we know to look for is a 2nd url inserted in the code. You know, it would start with http:// or www. You don't want any widget that is covertly giving a 3rd party permission to access your blog! And only get widgets from trusted sources. All fun widgets are not fun. They can bring along spyware or a virus.

And there's more. The recent pop unders we've been seeing are game related. They will display a game you have never heard of or downloaded, perhaps Gamevance. Now if you are a Facebook user, please pay attention! A pop under we've seen popping up quite a bit recently is FACEBOOK related. When you click to comment on a blog post, a Pet Society or Restaurant or ...... pop under will open wanting you to sign in to your Facebook account so they can have access to your FB information and friends list. We don't know whether they can access your username and password, but if you sign in using that page, you will have given them permission to post streams to your wall and contact your friends. Hopefully you won't fall for this, but .....

If you are already signed in to Facebook when you click to comment on an infected blog, they are in your Facebook account and set up as "your" application before you can blink. We saw this happen one day when we didn't realize Jan was signed in to her FB account when we stopped at a blog with this problem. But because we have been keeping an eye on our taskbar, we immediately saw the extra window opening and went right to FB and deleted the application!

As soon as we originally noticed the extra window opening in the task bar, we notified the blog owner and another blogger got right on it. But it took two or three very frustrating weeks to wade through all the code on the blog and finally locate the guilty widget. Since we're techno limited, our job was to check on it occasionally and just that momentary lapse of memory could have really cost us!

We strongly suggest if you are on FB that you go to your applications page and check to make certain that every single approved application listed there is one that you added. If you don't recognize it, delete it! You can always reinstall it if you find it was one you wanted. Because these pop unders are appearing on more blogs and many of you are unaware of them, you need to be alert and check your own blog and FB accounts periodically.

If you notice a pop up or pop under on anyone's blog, please let the blogger know in an email message. If you can't find an email address, leave a polite comment. But let them know! And if someone says they got one on your blog, check your sidebar widgets. These are security risks, not mere annoyances, so they need to be taken care of right away.

We're going to close with (we can hear the collective sigh of relief over this long post) one widget we are aware of that has been causing this problem. It's an international spinning globe counter widget.

We hope you won't be throwing rotten tomatoes or even snowballs at us, but since we found another blog with this problem today, we decided we need to speak out and warn new bloggers who aren't yet familiar with the potential problems with widgets and remind seasoned bloggers who might have momentarily forgotten this can happen to any of us.

Should you ever find anything strange on our blog, please let us know.

To check your own blog:

We don't know what browser you are using, but if you are using Firefox, go into Tools, Options, Privacy -- under Privacy click on "show cookies." Click on Remove All Cookies." That's right, clear them all out. (You'll have to sign in to your blog again after this, but trust us, this is important!)

Now open a new tab or window and GO TO YOUR OWN BLOG. Pick your last post or another one if you prefer. Click on "Post a Comment." Look down in your taskbar. Do you see an extra window opening -- one called a pop under because it opens behind your window so you don't generally notice it until you close or minimize your browser. And by then you won't have a clue where you picked it up.

If you are using IE, go to Tools, Internet Options, and under Browsing History, click Delete. This will clear your IE cache of everything including cookies. Then GO TO YOUR OWN BLOG and click on Post a Comment to check for any pop under.

Minimize your browser window and double check to be sure there's no pop under hiding back there.

Be safe! We love you.

PS -- We're sorry we're not getting to visit much lately. Jan is hogging the computer again and since it's to help us Funny Farmers, we have to support her efforts and not complain. We are doing our best to keep up even if we're not commenting.


  1. This is a great post - we had no idea that the facebook thing (which for us pops up in front) was an issue, because we don't use facebook. We thought it was something that people who used facebook had set up on their blogs - we just close those. We haven't seen any others but we know that a lot of blogs have been hijacked lately to redirect - usually through the fish feeding widget that a lot of bloggers have. We deleted most of our third party type widgets just to be safe.

  2. Facebook is an odd sight. You think you're just chit chatting and oh no ... everyone can see what you say ... I'm off to check on mine ... thanks !!!

  3. Why would you click on a pop up or pop under? We don't get them--although there was one blog where they came up even despite our settings (which are high) and the Woman no longer visits them.

  4. Jan, thank you for this very important information. We have encountered this FB thing on one kitty blog, but always ignore it. I have a FB account, but very seldom visit it.....they have had and continue to have too many security problems :)

    Being warned will make us even more vigilant about widgets in general. We will be checking our blog today also. Thanks again and hugs.......Judi

  5. Thanks for the info Jan. Mum discontinued our Facebook account a month or so ago without hardly using it because she didn't feel happy with it. We have checked our blog and everything looks okay. We have found in the past that there were a couple of blogs that when we tried to visit them, we went somewhere totally different, but that was some time ago. Mum runs Ad-Aware free version every week and it isn't due to run again until tomorrow, but she decided to run it today as a precaution and it found one serious threat which has now been removed. She has McAfee paid for security and that never shown the threat up. Seems like the free ones could be better than paying! She is going to run Ad-Aware every day now. You can never be too cautious.

  6. You funny farmers are very thoughtful! :)

  7. I completely agree with this - if you notice a pop up or under, let the blog owner know! I know I would want to know, for sure.

  8. Thanks for the info! We're just starting to use Facebook and it helps to know these kind of things and how to avoid them.

  9. I tried and I don't think I have a pop-up or under. When you comment on my blog it opens a new window which my mom set up because she finds that way easier when she comments on other blogs. Thanks for all the info!


  10. Great advice, Jan! Something we should all take more notice of! Thank you!

  11. Lots of good info here today. We don't do FB so no worry there, but if you think you note a problem on our blog, don't ever hesitate to tell us. Your instructions for Firefox don't work for us, we don't have options etc. Maybe because we have a Mac.

    Woos - Phantom, Thunder, and Ciara

  12. We agree, cookies should be cleared out periodically.

    May we add that a good anti-virus (we use the Free AVG now) and a good malware software (we use the free Ad-Aware) is also a wise move.

  13. A lot of good information; I feel inadequate with the computer sometimes, still have so much to learn!

  14. Gosh!

    Thanks for this. I've not come across any FB popups as yet but at least I know what to do now after reading your post!

    Take care

  15. This was a terrific posting Jan and thank you for speaking up. A lot of us grow complacent -- I just got rid of all the widgets on my blog -- I was tired of them not doing what I wanted to begin with, so poof I just got rid of all of them. I don't feel comfortable with FB, like someone mentioned there seems to be too many security issues over there and we don't have an account and don't even know how to utilize the site. We did check our blog just to be safe and no problems.
    Abby's Mom Debra

  16. Thanks for the warning. We are very scared of these things after getting the bad virus. ~AFSS

  17. Thanks furry much fur the great PSA!

    Khyra & Khousin Merdie

  18. Eeek! We've never even heard about that! Thanks for the heads up!

  19. Thanks +++ Jan! This is very helpful. We are not good with IT stuff at all and will definitely keep this in mind.

  20. Solid advice Jan. Widgets can be Trojan horses of sorts. And I just love them, so I'm an easy target!

  21. This is good information! Please let everyone know they should never click on a pop-up or pop-under even to close it. This is how you close it in IE: If it is a pop-up and it is showing as the top window hit Alt F4. If it is a pop-under minimize your IE windows until the pop-under is showing as the top window and then hit Alt F4.

  22. You know sooo much more about this stuff than the mom here. We have gotten into trouble twice and almost thought we would never recover the blog from the monsters. Why cannot baddies just leave the blogs, FB, and emails alone? We have a rule and that is no widgets unless for sure we know there is not problem. No counters for sure!!!!! When you go to FB and set your privacy settings you should go in every once and awhile as the mom here has found that somehow the setting have gotten changed from private to all. Someone else said that happened to them and thought that FB did it. I don't know but I check mine out every week or so just to make sure.
    Thanks again for your auction donations. We are having your Zazzle store item on the block donated by KC. The mom is going to bid on that one for sure!

  23. Thanks for letting is know about this!
    Kisses and hugs

  24. Thanks for bringing this to our attention. We have encountered some of those pop unders on blogs we visit, but we thought they were intended advertising. If we come across any more we will leave a comment for sure!

    Thanks again.

  25. Hey JFF Gang,
    Thanks for that important info; very good gouge.
    Our mom's addicted to that Farmville stuff but thankfully dad doesn't go there; y'all can only do so much so ya have to set the priorities and live with it.
    - TBH&K

  26. Lots of times when you look at the HTML the link that is 'rotten' begins with href, although that is not always the norm. These guys can really be sneaky.


Thanks for coming by for a visit. We love to hear from you.