[sysreq #15748] W3C Validator used for fraud, suggest a warning banner

Hi,

Thanks for the report.
I have contacted the person in charge of the markup generator and forwarded your message.
There have been some discussions in the past about this problem (see [1] for instance).

[1] https://github.com/validator/validator/issues/842

Laurent

On Wed Dec 08 11:54:09 2021, orion1976@protonmail.com wrote:
> This message sent both to site-comments@w3.org and sysreq@w3.org
> 
> The Validator page, http://validator.w3.org/, which lists HTML errors
> in a user-specified Web page is very often used by thieves operating
> the "Technical support scam
> (https://en.wikipedia.org/wiki/Technical_support_scam)". I know this
> because I must be on a list of potential victims and am often called;
> I let the thieves play with a virtual machine to study what they do.
> 
> Over many years I have very often been asked to type my bank's IP
> address into the validator page; when a long list of errors is
> displayed I am told that they show that my computer is riddled with
> errors and my bank account compromised by "hackers", and that I should
> immediately connect to my bank (while they are controlling my computer
> remotely). While anyone with a little expertise will not be deceived,
> someone, typically old, who has been frightened into thinking that
> "hackers" have been accessing their bank account is at risk of letting
> thieves into it. I would suggest a very prominent banner with a short
> warning should be displayed on the Validator page. It should be both
> above and below the box into which the URL under test is entered, so
> the thief cannot scroll it off the screen. Possible wording:
> "This page lists errors on the Web page entered (www.citibank.com);
> <large, red>they are not errors in your computer or Internet
> connection</large, /red>. This page is used by thieves who connect to
> people's computers and convince them that they have problems, and
> should connect to their bank. Web pages normally have many unimportant
> errors."
> 
> If anyone wants more details on the scam I can provide them, but they
> are not relevant to the W3 Validator.
> 
> I'm initially sending this anonymously - I don't want my name to be
> published - but am happy to provide details in confidence if contacted
> at orion1976@protonmail.com. I am not subscribed to the mailing list.

Received on Wednesday, 15 December 2021 10:46:22 UTC