Don't ever go to facebook.cm

Just a warning for all!

I typed facebook into my browser address bar and accidentally missed out the "o" from .com.

It takes you to a website where a virus lies in waiting. Luckily, I use Avast and it caught the virus and terminated the connection before any damage was done but just be warned to be careful and make sure you have a good virus scanner that is up-to-date.

(Mods, please keep this in this section as it's applicable to all).

Oh no! Tempted to go to it now to see if AVG catches it!

I read about the guy that has a catch-all on all DNS errors on *.cm domains... Easy money.

From what I remember he did a deal with the Cameroon government to set it up.

um.... when you visit a website you DOWNLOAD the content of the page... so if your virus coder has half a brain you make it in such a way that it loads up when the page loads....

Could be done using simple Javascript to open up a path to download anything you wanted...

There was no download or anything. I'm not going to the same site again, but I believe it takes advantage of a browser exploit. In this scenario, no download is necessary and unless you have an AV, it's totally invisible to the user.

Indeed but the browser (should) work as a sandbox for any content. So if something other than images, javascript,cookies and html/xml is being downloaded it will always ask you via a prompt. If you say no then you are safe. The problem comes when either the malware site have found some unknown bug/security hole in the browser and can install and run something without the prompt. Very rare but can happen until a hotfix is done. Thats why is suepr important to make sure you have the latest version of your browser and applications such a PDF viewers etc

edited to say, most virus come from installing a prgram or running an attachmetn you think is fine - it may work frine,. but can have malware embedded into the attachement/application that silently installs and runs itself. If you use bittorent and the likes then the files you download are rife with malware/viruses.