# Ad popup!



## robus (Mar 14, 2018)

I was just assaulted by this piece of ad-noise:



> Congratulations!
> 
> Amazon.com User!
> 
> ...




Some unscrupulous ad provider is injecting unwanted Javascript into the Enworld pages.

not sure what can be done but thought you should know. The ad placer was some bible pusher.


----------



## robus (Mar 14, 2018)

Just got it again. It took me here: 
	
	



```
http://rewardinheaven.club/us_amazon_amazon500/index.html?voluumdata=deprecated&eda=deprecated&cep=F6PSCNcHqt2_oP7Ag9D9OAsTFKgubELV-zKSm8oGDJ4h8qAKGHCVFpP-LdujFNNlH-Hak3-DRC3e-4gtGjofbizhFOARx2CSyQOl7_zNNgjSY926PwiVQLReD5OE5cjItBuv8zCrK31yXYwM7OSDWMfyIhkr3FwVvwcxntHCQLh-brTTL7CVI14K9s4LOuhp4H3Y7yCJVchzNOySZqSCZOAfl-NVqvq41q5Ck6Ep95J8hWGEcuGZYw_nJHK6aKj8tfMm9W64cG7uCiReqatnFnCSSC6MLnAYjNz8hZBbhJjX9_KBERDZbI1I-slLYNP3&siteid=MTUyMDk5NjUwNF8xODE5NzA5MF8xMjc0ODUwMjAx&sitedomain=%7Bsitedomain%7D
```


----------



## darjr (Mar 14, 2018)

It may be your computer has add ware 
https://malwaretips.com/blogs/remove-congratulations-amazon-user-virus/

Maybe, take a look and post back here.


----------



## CapnZapp (Mar 14, 2018)

Use an ad blocker?


----------



## darjr (Mar 14, 2018)

Won’t do any good. The pop up is an application on their pc, not from any web site.


----------



## Morrus (Mar 14, 2018)

Yup, not us. You got yourself virused or malware from somewhere. Best run a virus check and run an anti-malware tool of some kind.


----------



## robus (Mar 14, 2018)

Ha - this is happening on an iPad. And only on enworld. 

But good to know it’s not a general problem.


----------



## darjr (Mar 15, 2018)

That changes things. What browser?


----------



## robus (Mar 15, 2018)

darjr said:


> That changes things. What browser?




Safari. So i think the chance of it being a virus is pretty low. Javascript injection was the simplest explanation...


----------



## darjr (Mar 15, 2018)

Still could be a dns hijack or host name hack. It does seem unlikely that you’d get it so consistently and there not being a lot of other folks getting it as well. 

Still looking.


----------



## darjr (Mar 15, 2018)

Looks like a third party app was able to do something similar. But it also looks like yahoo was hijacked with something similar.

Can you post the link you went to on ENWorld that gave you the popup?


----------



## robus (Mar 16, 2018)

darjr said:


> Looks like a third party app was able to do something similar. But it also looks like yahoo was hijacked with something similar.
> 
> Can you post the link you went to on ENWorld that gave you the popup?




I just tapped on the link to the 5e forum as usual and it appeared.


----------



## robus (Mar 16, 2018)

Looks like there's an easy fix: https://discussions.apple.com/thread/8255372 (for anyone else getting this issue)


----------



## darjr (Mar 16, 2018)

OK looks like it’s happening all over. I got it on an unrelated site. And it looks like it targets safari. Make sure you update and clear your cache, specifically “site data”. And try a different browser. Looking.


----------



## darjr (Mar 16, 2018)

robus said:


> Looks like there's an easy fix: https://discussions.apple.com/thread/8255372 (for anyone else getting this issue)




Yup saw this but note for some folks it doesn’t work and there is some talk about it being targeted at some versions of safari 

Thanks!


----------

