1

Today I was on the Walmart site and then 10 seconds later out of nowhere it redirected me to a amazonnaws site and it said,

'MESSAGE! Congratulations insert internet provider here user, you have been chosen for a chance to get a new Iphone 7, Macbook Pro or Ipad. Click OK to continue.'

I close the Google app and reinstalled the app. The reinstall didn't help. I tried restarting my phone and then after a few minutes it happened again.

Does my iPhone 6S have a virus or anything cause it keeps on doing it and it's really annoying. What should I do? By the way, I used the Google app when it happened.

schroeder
  • 129,372
  • 55
  • 299
  • 340
captaincj2005
  • 11
  • 5
  • What location does this happen? Over 3/4G or Wi-Fi or both? If Wi-Fi, at home or everywhere? – Julian Knight Sep 11 '16 at 09:36
  • from what I know only through Wi-Fi. But it stopped popping up it's not popping up anymore so if it hasn't been doing in anymore do you think it will do anything? Cause my phone has been acting normal. – captaincj2005 Sep 11 '16 at 15:27
  • Does this happen inside of an app or on the home screen? – André Borie Sep 11 '16 at 16:34
  • only on the google app. (but it isn't doing it anymore.) – captaincj2005 Sep 11 '16 at 16:36
  • @captaincj2005

    Is your internet provider centurylink? If not, i am curious who your provider is and if you only get this when you are connected to your provider or do you get when you are connected to other providers as well.

    I have started to see this too (about 2 months ago), but only when I am connected to my home internet. This happens on my android and on my spare iphone.

     – Some Dude Sep 11 '16 at 16:42
  • well from my knowledge it only did it on my internet not my LTE. – captaincj2005 Sep 11 '16 at 17:18

2 Answers2

0

s3.amazonnaws is not a valid site (domain name) so it would be helpful if you let us know exactly what you are seeing. A screenshot would be useful.

s3.amazonaws.com (S3 Amazon AWS) is a valid domain owned by Amazon and from which many files can be served since it is the service Amazon provide to people to store and serve files.

You will need to provide further information for us to work out exactly what is happening but it seems at first look to be that the website has some annoying advertising on it that is popping up the image. Make sure that you close the page in the Google app completely so the ad is not re-triggered.

Since you are using an iPhone 6S, you should be able to install an ad-blocker and I strongly advise you to do so in order to avoid such issues.

I also advise installing ad-blockers for all browsers since there are too many rogue adverts around capable of installing malware

Julian Knight
  • 7,132
  • 19
  • 23
  • It actually stopped doing it so do you think I'm fine cause it's not doing anymore,it might do it again but time will tell.Do you think I should bring my phone to the apple store and or AT&T store just in case? (edit 1) Oh I forgot to tell you it didn't happen on the safari app just the google app I think the google app can't download anything unless I use google on a computer. – captaincj2005 Sep 11 '16 at 15:20
  • No, I think it has stopped because the site that caused it is no longer being looked at by the Google app. There is no need to take it into a store. The story about the Google app is more complex and another question for a different site I'm afraid. Don't sweat it. But do look at ad-blockers, they are worth their weight in gold! – Julian Knight Sep 11 '16 at 15:30
  • what do you mean by 'the site is no longer looked at by the google app.'? Will my phone be safe or is it still "affected"? – captaincj2005 Sep 11 '16 at 15:43
  • You will likely see the same thing if you go back to the same website. I don't believe this is malware. You don't need to worry about it. – Julian Knight Sep 11 '16 at 17:05
0

The quoted text sounds fishy. Sounds like a site that will trick you into downloading malware.

Since this is on an iOS operating system, I am inclined to think you do not have a virus. I believe iOS (like Android and Chrome OS) uses sandboxing techniques, which, unlike a classical OS (like Windows or Mac) will severely limit the abilities a virus would be given.

It is possible you were on a look-alike site. (pretending to be Walmart or Google) Pay close attention to the address bar.

However, if you were truely using the official Google App, then that rules out Google impersonation, and pretty much rules out Walmart impersonation as well because Google is pretty good about serving legitimate links to high-profile sites.

If you were on an HTTP connection (not HTTPS) then it is possible for someone on your network to be intercepting your connection and redirecting you to an attacker site. Pay close attention to the address bar and make sure that it is truly walmart.com (and not walmart.someone.else), and that it is an https:// connection.

If its HTTP then it is insecure and you should only use a Private/Personal WiFi that is also password protected, and has no infected machines on the network.

Someone mentioned the ISP can do this (just like a WiFi user could), and that is true, but only on HTTP, not HTTPS for the correct https://www.walmart.com/.

What actually happened is a subject of speculation, unless you can reliable reproduce.

700 Software
  • 13,997
  • 3
  • 55
  • 82