Rail forums.co.uk redirecting to wiserapps.site false virus alerts

Status
Not open for further replies.

dmncf

Member
Joined
4 Sep 2012
Messages
341
For the past week while browsing Railforums.co.uk using the Internet browser on my Samsung Galaxy J5 phone I have on a few occasions been redirected to wiserapps.site and bombarded with pop-up messages telling me that my phone is severely infected with viruses and encouraging me to download their anti-virus software. It's not possible to navigate back from this site and I have to close my browser.

I am only experiencing this issue on Railforums.co.uk and not any other website. Is anyone else experiencing this issue? Is something wrong with my phone or something wrong with Railforums.co.uk?
 

pdq

Member
Joined
7 Oct 2010
Messages
800
+1. I've also had something similar, except mine is to tell me I've won a prize. Again, only pops up from this website.
 

pdq

Member
Joined
7 Oct 2010
Messages
800
[Attachment: Screenshot_20171227-220841.png]
For info - this is the pop-up I'm getting - dots changed to avoid the address becoming a hyperlink.
http:// google dot com-uk2-wow2-lucky-visitor-giveaways dot rgshark dot com followed by a very long code.
 

Mojo

Forum Staff
Staff Member
Administrator
Joined
7 Aug 2005
Messages
20,382
Location
0035
Unfortunately I cannot verify this as I don’t own an Android or know anyone who does, and the screenshot doesn’t help. If someone could link or provide details of pages it appears on, as well as Ad banners that appear at the time, then I can have them removed by Google.

Have run a few tools to check site security and nothing comes up (Google are also quite proactive in emailing if any vulnerabilities are found).
 

pdq

Member
Joined
7 Oct 2010
Messages
800
> If someone could link or provide details of pages it appears on, as well as Ad banners that appear at the time, then I can have them removed by Google.

Thanks for looking into it, Mojo. The problem is that the pop-up doesn't open in a new tab, and it seems to be impossible to get back to the original page in order to see what ad was there. I guess we all get different ads as well - the ones on this page as I type on my PC are for a shop selling shoes, that I visited yesterday, and for a Norwegian airline (that one's a mystery).
 

skyhigh

Established Member
Joined
14 Sep 2014
Messages
5,219
Same here on Android - random adverts that take up the full page and you can't go back without closing the tab. It seems to be happening on random pages.
 

dmncf

Member
Joined
4 Sep 2012
Messages
341


Mojo, thanks for looking into this.

I just had it happen on my other Samsung phone and took a photo of the history afterwards. The first page I was redirected to appears to be rgshark.com.

As pdq says, it doesn't seem possible to go back to see what advert might have caused the redirection, firstly because the same advert might not be displayed and secondly because if it was it would redirect you off the page. Sorry I can't be more helpful.
 

dmncf

Member
Joined
4 Sep 2012
Messages
341
If others have screenshots they wish to upload, they may be able to add them to the media album titled "Images of being redirected out of Railforums" and then include those screenshots in a post. This is definitely stretching my technical ability at using the forum! :)
 

GusB

Established Member
Associate Staff
Buses & Coaches
Joined
9 Jul 2016
Messages
6,545
Location
Elginshire
I tend not to browse on my phone at home, but when I've been using my phone in the pub occasionally I've been diverted to a TalkTalk page warning me of potential viruses or malware. I'm assuming that the same thing is happening, just that the pub's ISP is intervening. I'll try to note the URL it was trying to send me to if it happens again.
 

talldave

Established Member
Joined
24 Jan 2013
Messages
2,169
I've been getting redirects on my Android tablet - three times on the same Fares Advice thread within a couple of minutes. It's done in such a way that the "back" buffer is cleared so you're forced to close the browser window. As others have noted, this makes logging the contents of the source page impossible.
[Attachment: 20171228_221625.png]
 

tbtc

Veteran Member
Joined
16 Dec 2008
Messages
17,882
Location
Reston City Centre
I've had the same problem - but couldn't track down where it was coming from - so it's reassuring to see others are more switched on than I am!

I'll try to get a screenshot next time (but what others have had looks similar).
 

pdq

Member
Joined
7 Oct 2010
Messages
800
Ironically, it's just happened to me off this very page. This time I got the 'your phone is infected' version rather than the prizewinner.
 

E_Reeves

Established Member
Joined
25 Oct 2015
Messages
1,412
Location
West Midlands
I get the same problem and mine is usually a site telling me I've won an ASDA voucher. Usually happens when I click on the thread sections (Traction and Rolling Stock for example). I'm unable to navigate back so I have to close the tab. My internet usually blocks it but sometimes it slips through. I hope it gets fixed - rather annoying!
 

Peter Mugridge

Veteran Member
Joined
8 Apr 2010
Messages
14,753
Location
Epsom
I just ran a "whois" search on that and it's a Chinese site, so I'd definitely be wary of it. Can the forum staff block individual sites off the adverts?

Failing that, I guess those of us who run blacklists can block this shark lot individually...?

https://www.whois.com/whois/rgshark.com

DOMAIN INFORMATION
Domain: rgshark.com
Registrar: HiChina Zhicheng Technology Ltd.
Registration Date: 2017-05-03
Expiration Date: 2018-05-03
Updated Date: 2017-11-24
Status: ok
Name Servers: pete.ns.cloudflare.com, rosa.ns.cloudflare.com

REGISTRANT CONTACT
Name: Chen Wei
Organization: Chen Wei
Street: Zhong Guo Guang Dong Shen Zhen Shi Long Gang Qu Ping Shan Zhen Sha Bo Long Xin Lu 27Hao Tian Yuan Xiao Qu Yi Xiang 2Dong
City: Shen Zhen Shi
State: Guang Dong
Postal Code: 518118
Country: CN
Phone: +86.75528825288
Fax: +86.75528825288
Email: [image]@qq.com
 

E_Reeves

Established Member
Joined
25 Oct 2015
Messages
1,412
Location
West Midlands
Okay, so I'm barely able to navigate to any thread or forum section due to this. I hope it gets sorted soon :(
 

BlueFox

Member
Joined
20 May 2013
Messages
759
Location
Carlisle
> Can the forum staff block individual sites off the adverts?

It's easy enough to do via Google Adsense (I think all the site's ads come from there), the url just needs to be added to a block list, so an administrator with access to the Adsense site should be able to do it.


I've not seen this happen on my Android phone.
 

E_Reeves

Established Member
Joined
25 Oct 2015
Messages
1,412
Location
West Midlands
> It's easy enough to do via Google Adsense (I think all the site's ads come from there), the url just needs to be added to a block list, so an administrator with access to the Adsense site should be able to do it.
>
> I've not seen this happen on my Android phone.

What browser are you using?
 

E_Reeves

Established Member
Joined
25 Oct 2015
Messages
1,412
Location
West Midlands
Oh I'm using the built-in browser. That may be why. I'm having virus alert websites now with constant vibrations and pop-ups which are extremely hard to get rid of. Here are some screenshots.
 

Attachments

  • Screenshot_20171231-232216.png
  • Screenshot_20171231-232211.png
  • Screenshot_20171231-232207.png
  • Screenshot_20171231-232202.png
  • Screenshot_20171231-232154.png