
Westfield fix your website!


Snappy


3 hours ago, Chris King - Webmaster and Joint North East AO said:

And the other question. 

Anyone getting this on a desktop or laptop? Or is it just android and iPhone?

No such behaviour from PC or Android phone for me. Just checked multiple times on each


As this is a 'mobile only' issue, it is entirely possible that this is coming from a dodgy Google AdSense advert that has appeared on a large number of "free" mobile apps - it's an exploit that uses your search history and cookies to inject a dodgy link into your mobile browser - Google are on the lookout for this type of thing and they lock it down once it becomes evident.

Therefore it may just die down and the ads you have on your free apps will return to normal and no longer hijack the mobile browser.

I am on the case behind the scenes, so please keep reporting any instances of this to me via this thread.


Just put Westfield Forum into Google, first result is forum.wscc.co.uk, clicked on that and it's taken me straight to a site telling me I've won a prize! This is on an Android phone using Chrome as the browser. Hope that helps.

Oh and if I try it a second time it works fine


22 hours ago, Chris King - Webmaster and Joint North East AO said:

The big question is:

Does this happen for anyone ONLY when you land on our forum, or have you had dodgy results for a few other random Google searches?

Only when I link from Google to the forum, never had it on any other search.


9 minutes ago, Plays-Kool said:

Oh and if I try it a second time it works fine

Yes, that is a common theme to stop the exploit being traced so easily!

The fact that this only ever comes from mobiles does point to it NOT being something coming from our site (but I'm still working on it)


Just had to try this for myself, and indeed, entering 'westfield forum' on my iPhone/Safari browser, the first hit appears to be in all shapes and sizes a correct link to our forums, however when you click it, it is a hijack to some price scam site. Tried it again after that and all links seem to be working as normal, so possibly a cookie is now preventing it from happening again...


On 05/08/2017 at 16:25, Chris King - Webmaster and Joint North East AO said:

More info please @a15cro

I'll try and recreate this when I turn my MacBook on next time, Chris.


I have never noticed this problem myself (iPad/Safari). I use a different search engine (DuckDuckGo) and routinely come to this website via a "WSCC Forum" search (not a bookmark). When I tried with Google, I too got the "you have won a prize" page. Tried the Google search on a MacBook with Safari and Firefox and no problems. The common factors appear to be mobile devices and Google.


OK, just applied a security patch that included a fix for a possible XSS vulnerability (cross-site script attack) - which might account for this issue.

But it could still be to do with an AdSense mobile hijack as previously mentioned.

So - now we have the very latest security patches to both the web server and the forum software, I suggest that anyone affected by this clears their browser cache and history on their mobile device(s).

Mr Google will help you with that if you are not sure what I am talking about.


Cleared cache and history, but it didn't happen this time performing the same actions.


I did the same yesterday and didn't get a repeat.
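
Added example, not part of any post in this thread: a site owner's check for the pattern reported above (redirect only for a mobile browser arriving from Google, and only on the first visit). It requests the same URL under each header combination twice and reports any HTTP redirect to another host. The `fetch` callable, the header strings and `prize.example` are constructed for illustration, and the check only sees HTTP-level redirects, not ones injected by script in the page.

```python
from urllib.parse import urlsplit

# Constructed, abbreviated header values for the cases the thread distinguishes.
MOBILE_UA = "Mozilla/5.0 (Linux; Android 7.0) Chrome Mobile Safari"
DESKTOP_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome Safari"
GOOGLE_REF = "https://www.google.com/"

PROFILES = {
    "desktop-direct": {"User-Agent": DESKTOP_UA},
    "desktop-google": {"User-Agent": DESKTOP_UA, "Referer": GOOGLE_REF},
    "mobile-direct": {"User-Agent": MOBILE_UA},
    "mobile-google": {"User-Agent": MOBILE_UA, "Referer": GOOGLE_REF},
}


def offsite_redirects(url, fetch, repeats=2):
    """Return (profile, attempt, host) for every redirect that leaves the site.

    fetch(url, headers) must return (status, location_or_None) WITHOUT
    following redirects. Repeating each profile catches the "works fine
    the second time" behaviour described in the thread.
    """
    site = urlsplit(url).hostname
    findings = []
    for name, headers in PROFILES.items():
        for attempt in range(1, repeats + 1):
            status, location = fetch(url, headers)
            if 300 <= status < 400 and location:
                host = urlsplit(location).hostname  # None for relative paths
                if host and host != site:
                    findings.append((name, attempt, host))
    return findings


def make_replay_fetch():
    """Constructed stand-in for the network that replays the reported symptom."""
    seen = set()

    def fetch(url, headers):
        key = (headers.get("User-Agent", ""), headers.get("Referer", ""))
        first_visit = key not in seen
        seen.add(key)
        if "Mobile" in key[0] and "google." in key[1] and first_visit:
            return 302, "https://prize.example/win"  # constructed destination
        return 200, None

    return fetch


if __name__ == "__main__":
    for row in offsite_redirects("https://forum.wscc.co.uk/", make_replay_fetch()):
        print(row)
```

A finding for only the mobile-plus-Google profile points at the site's own responses rather than at adverts in other apps; no findings leaves the script-injection and advert explanations open.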
