Avoid downloading fake Flash updater from theworldofcontents.info

What is theworldofcontents[.]info?

theworldofcontents[.]info is a scam website promoting a fake Flash Player updater. There are several variants of this scam with differing design/appearance, although the purpose is much the same. The site claims that visitors' Flash Players might be outdated and advises them to update the software.

Rogue updaters are used to spread a variety of untrustworthy and malicious content.

For example, they are employed to proliferate Potentially Unwanted Applications (PUAs) and even malware (e.g. trojans, ransomware, etc.). Few users access websites like theworldofcontents[.]info intentionally - most are redirected by intrusive advertisements or PUAs already installed on the system.

When entered, variants of theworldofcontents[.]info display multiple pop-up windows. The initially displayed center pop-up states that Flash Player is an essential browser plug-in, which enables users to play video, animation and audio media, and games online.

As Flash might be lacking the latest security updates (i.e., is outdated), it is possible that the plug-in has been blocked. To continue using Flash Player, the scam urges visitors to update it. The window at the bottom-right instructs them to install the latest updates for improved performance.

This scam version presents another pop-up, which overlays the one shown in the center of the page. It repeats the same message: Flash might be out-of-date and lacking security updates, and therefore might not work. These windows have "Download/Update" buttons.

Clicking on any leads to download of the bogus updates. The other variant of this scheme displays two pop-ups. The window at the top-right corner informs users that they need to download an updated new version of the plug-in. The windows in the middle of the web page presents visitors with a loading bar, which allegedly represents the download process of the Flash updates.

Installing them takes just a few seconds and requires no restart/reboot. This pop-up also has buttons to download the fake updater.

Once the download process has begun, theworldofcontents[.]info provides users with instructions about how to install the updates, however, following the steps will allow untrustworthy/malicious software onto the device, rather than updating Flash Player.

Content promoted via such dubious methods is highly likely to lead to serious issues. Therefore, you are strongly advised against downloading/installing this software.

Deceptive websites are commonly force-opened by PUAs, yet they can redirect to other sale-based, untrustworthy/rogue, compromised and malicious pages. They can also have other, different capabilities. Some unwanted apps run intrusive advertisement campaigns.

I.e., they deliver harmful ads that diminish the browsing experience. Intrusive ads also redirect to dubious web pages and stealthily download/install content when they are clicked. Other PUAs can make unauthorized changes to browsers and limit/deny access to settings.

Regardless of their other functions, most PUAs can track data. They monitor users' browsing habits (URLs visited, search queries typed, etc.) and collect their personal information (IP addresses, geolocations and other details). This vulnerable data can then be shared with third parties intent on misusing it for profit.

To summarize, PUAs can cause browser and system infiltration/infections and result in financial loss, serious privacy issues and even identity theft. To protect device integrity and user safety, remove all suspect applications and browser extensions/plug-ins without delay.

Threat Summary:

Name	theworldofcontents.info pop-up
Threat Type	Phishing, Scam, Mac malware, Mac virus.
Fake Claim	Site claims that the visitor's Flash Player might be outdated.
Detection Names (AdobeFlashPlayerInstaller.dmg)	BitDefender (Adware.MAC.Bundlore.DPS), Kaspersky (HEUR:Trojan-Downloader.OSX.Shlayer.a), GData (Adware.MAC.Bundlore.DPS), Tencent (Unk.Win32.Script.404241), Full List (VirusTotal)
Promoted Unwanted Application	Site promotes fake Flash Player updates.
Symptoms	Your Mac becomes slower than normal, you see unwanted pop-up ads, you are redirected to dubious websites.
Distribution methods	Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers, torrent file downloads.
Damage	Internet browser tracking (potential privacy issues), display of unwanted ads, redirects to dubious websites, loss of private information.
Malware Removal (Mac)	To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner for Mac To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

mainplaceupgradesfree.info, startmostnewestprogram.icu, and fineplaceupgradefree.info are some other examples of scam sites that promote fake software updaters.

Deceptive web pages use social engineering and scare tactics to trick users into downloading/installing and/or purchasing dubious/malicious content, revealing personal details (e.g. banking account or credit card credentials), making monetary transactions (e.g. payment for "services rendered", various fees) and so on.

The goal of these scams is to generate revenue for their designers at the expense of innocent users.

How did potentially unwanted applications install on my computer?

PUAs can infiltrate devices under the guise of other software (e.g. fake updaters), however, they can also be downloaded/installed together with regular products. This deceptive marketing method of pre-packing normal programs with unwanted (or malicious) content is called "bundling".

Rushing download/installation processes (e.g. ignoring terms, using pre-set options, etc.) endangers systems with potential infiltration and infections.

Some apps of this kind have "official" download pages, which are typically promoted by deceptive/scam websites. When an intrusive ad is clicked, it can execute scripts designed to download/install PUAs without users' consent.

How to avoid installation of potentially unwanted applications

You are advised to research all content, before downloading/installing. Use only official and verified download channels. Untrustworthy download sources (e.g. P2P sharing networks [BitTorrent, eMule, Gnutella, etc.], free file-hosting sites and other third party downloaders) can offer deceptive and/or bundled software.

All updates should be performed with tools/functions provided by genuine developers. Third party updaters are high-risk and should be avoided.

When downloading/installing, read the terms, explore all available options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features and so on. Intrusive advertisements often seem legitimate and harmless, however, they can redirect to dubious web pages (e.g. pornography, adult-dating, gambling and others).

If you encounter ads/redirects of this type, check the system and immediately remove all suspicious applications and/or browser extensions/plug-ins. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.

Text presented in the pop-up windows initially presented by theworldofcontents[.]info:

Top of the page pop-up:

 

Latest version of Flash Player is recommended to encode and/or decode (Play) audio files in high quality. - Click here to update for latest version.

 

--------

Center page pop-up:

 

Software update
Flash Player
Install the latest update
Update now
 
"Flash Player" is an essential plugin for your browser that allows you to view everything from video to games and animation on the web. The version of “Flash Player" on your system might not include the latest security updates and might be blocked.

To continue using “Flash Player", it is recommended to download an updated version.

Download Flash... Update

 

--------

Bottom-right page corner pop-up:

 

Flash Player Update RECOMMENDED
Install latest version of Flash Player for better performance.
Download

Screenshot of the pop-up, which overlays the middle of the page:

Text presented in this pop-up:

Software update

“Flash Player” might be out-of-date

The version of this plug-in on your computer might not include the latest security updates. Flash might not work be used until you download an update.
Update Download Flash...

Screenshot of fake Flash Player updates installation instructions provided by this scam:

Text presented in this page:

1

Go to the ‘Downloads’
Open your downloads list by
clicking on the top right corner
the ‘arrow’.

 

2

Open the file
Locate and double-click the file
starting with ‘Flash Player’.

 

3

Run the application
Confirm the installation by clicking
Continue and Install
buttons.
Type your password.

Appearance of theworldofcontents[.]info scam (GIF):

Appearance of an alternative variant of theworldofcontents[.]info scam (GIF):

Screenshot of the fake Flash Player updater installation set-up:

Instant automatic Mac malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is theworldofcontents.info pop-up?
• How to identify a pop-up scam?
• How do pop-up scams work?
• How to remove fake pop-ups?
• How to prevent fake pop-ups?
• What to do if you fell for a pop-up scam?

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

• Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
• Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
• Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
• Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
• Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for macOS.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

• If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
• If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
• If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for macOS) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
• Help other Internet users: report Internet scams to Federal Trade Commission.

▼ Show Discussion