AddThis Share Button and phishing

  • Resolved Digbydigz

    (@digbydigz)


    9 years, 8 months ago

    Ever since I installed the AddThis Share Button, I’m getting phishing on my site.

    When I click on a page other than the home page, I get a message saying that my computer has been infected and I need to call a number. I have to force-quit my computer to get out.

    When my readers try to leave comments, they get booted to another site.

    When I try to tweet from my site, I get booted to another site.

    I’ve cleared all my cache and cookies, and it’s still happening, no matter what computer I’m on.

    https://www.ads-software.com/plugins/addthis/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Ribin_AddThis

    (@ribin_addthis)

    Hi Digbydigz,

    I’m Ribin from the AddThis support team. We haven’t heard any users reporting this issue. Can you please try after disabling AddThis Share plugin and see whether the issue persists?

    If the issue occurs only when our plugin is enabled, then send us the complete address of the page on your site where you’re seeing the problem. I’ll pass it along to our WordPress Plugin squad to investigate the issue and suggest you the needful.

    Thanks!

    Thread Starter Digbydigz

    (@digbydigz)

    Before I disabled it, I tested it to make sure it was happening, and it did when I tried tweeting a post. So I disabled it and activated a different share button and tried tweeting a post, and it did not happen. So maybe it is your plug-in?

    But, when I deactivated the other share button and activated AddThis Share button again, it didn’t happen the second time.

    It seems to happen with Chrome and Safari.

    My site is https://www.squirrelsinthedoohickey.com. Try tweeting from the right-hand sidebar on the home page. Or scroll down to the bottom of the first post on the home page and click on “4 comments.” See if it directs you to a page that’s not on my site.

    Plugin Contributor Julka Grodel

    (@jgrodel)

    Hey Digbydigz.

    I took a quick look at your site over the weekend and saw what you described with our mobile toolbar. I noticed this morning that you’ve changed over to AddToAny, but I’m seeing the same problem with them, too.

    The first time I go to your site and click on anything (sharing button, link, text, blank space), I’m getting a new window that takes me to another site. I can reproduce this over and over again using a new incognito window with Chrome. But it’s smart, it won’t do it to me twice. Each time I want to reproduce it, I have to open a brand new incognito window.

    Investigating it, it looks like it’s Sweet Captcha. This script on your page:

    https://www.sweetcaptcha.com/api/v2/apps/csrf/40883?ver=3.1.0

    Is adding this script to your page:

    https://clktag.com/adServe/banners?tid=SWTMPOP&tagid=2

    This clktag script is listening for a mouse down event (when someone clicks down on their mouse) to intercept and open a new window.

    Here’s some people complaining about Sweet Captcha for this:

    https://www.ads-software.com/support/topic/sweetcapcha-hacked-and-causing-malicious-popups

    https://www.pcworld.com/article/2933812/sweetcaptcha-users-complain-of-advertising-popups.html

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘AddThis Share Button and phishing’ is closed to new replies.