Is this a scam?

My husband was using safari watching a youtube video, He put it on pause and opened another safari window to google the person.

and then this window in safari popped up

I closed the window, is there anything else I should check his computer for?


Yes, it’s a scam. I can no longer reach that domain.

Malwarebytes has a free tier that will check your Mac for known malware.


It is 100% a scam. It’s unlikely that it did anything actually harmful to your computer as long as you didn’t click anything else or download something from the page. Just close the window and you should be fine.

It is a scam, and do not click on anything in that window. Apple cannot remotely scan your Mac. Close the browser, then shut the Mac down and wait a few minutes, and then reboot.

1 Like

One other thing to do:

Go into Safari->Preferences->Privacy and search for the URL of the site that triggered the warning. Select it and tap the ‘Remove’ button to remove anything cached from the site and any cookies left.


In addition to what everybody else said, I recommend running an ad blocker. Either as an add-on to your browser or some other mechanism.

Scams like this are often distributed through advertising networks. Some random web site’s ad tells your browser to open a popup window, which presents a scary looking page like this one. If you click on the link, it will try to install malware. Various security mechanisms in your browser and/or macOS should require your approval, but the scammers are expecting that you will give it approval because of the scary web page that claims to be from Apple.

If you are blocking ads, then you probably won’t see the scam at all, since the ad network itself will be blocked.

All this having been said, some telltale signs that this is a scam:

  • You’re viewing a web page. This is a Safari browser window, not an alert from any kind of anti-malware app.
  • Even if you think Apple has some system for scanning and reporting malware through Safari, note that you are not viewing an Apple web site. This page is coming from a domain. Apple would be using a domain that Apple owns. Probably something under or
  • The page has bad English. Probably not written by someone who is a native English speaker.
  • The web page is threatening you. Lines like “2 minute 4 seconds remaining before damage is permanent.” sound scary (something you might see in a movie), but make no sense at all. Malware doesn’t publish timers - it just causes damage. And real malware scanners don’t try to scare you into running them.
  • Why is the page asking you to scan for anything if malware was already detected? Again, they’re trying to scare you into acting without thinking.

Pop up scam. Do not click on the button to ‘scan’. Close window and go about your day.

Apple can run remote diagnostics if you want Applecare

@Simon I second the Malwarebytes recommendation. I have them on all my Macs, my iPhone and my iPad Pro. The iPhone app is really great at both blocking and/or highlighting questionable calls. The Mac app is excellent and right on top of things - daily scans and alerts when needed.

Great advice in the other responses here. I’m recommending to my brother that he check this discussion because he is having some issues and really has neither the time nor the tech comfort to know how to respond to the ever changing security issues online brings to us these days. Thank you all!

1 Like

Geez, you are right. I forgot that Apple Care ran diagnostics on my iPhone years ago.

I assume this was some kind of remote-access app where they ran a utility and collected results as a part of investigating a problem you had already reported to them.

I’m sure they didn’t randomly scan your system without your knowledge and then deliver the report by interrupting a web browsing session with a random popup window.

1 Like

There’s this solution hat is lost in the history archives.

I recently did something (don’t know - fat finger maybe) that caused a very ransomware-ish page to open. I force-quit Safari and then held down the Option key to relaunch Safari. Safari launches with no tabs. You can go to History to reopen the good tabs. HTH Mike


I consider it good practice to configure web browsers to never automatically re-open windows from a previous session. This way, if you must force-quit the browser, it won’t re-open with the tabs/windows that were causing problems. On Safari (at least on Catalina), here’s the relevant preference:


#Recognize and avoid phishing messages, phony support calls, and other scams

Those pop-up virus messages are ALWAYS a scam. They might claim to be from Apple but they’re not. Hysterically, it can even claim to be Microsoft tech support and my Mac clients still fall for it! Sometimes, like in the OP example, if you click on the link it will install some malware.

In a more harmful variation, there’s a phone number to call to speak to a “tech”. The victim usually freaks out because it’s a JavaScript trap that they can’t figure out how to get rid of (it’s actually pretty easy). So they call.

Typically, the “tech” get remote access to your computer, open the system log, and proceed to do very technical scary looking stuff. Then they’ll ask for a credit card number. Ostensibly this is for “lifetime protection”.

Having had maybe a dozen of my clients fall for this over the years, I worry that some sort of keylogger or spyware is being installed, but I think maybe all they’re after is the credit card number. Years ago they only charged a couple hundred dollars. The last incident I heard about it was $2500. Almost always the victims are older people who are pretty insecure about technology anyway.

Scammers that victimize older people really make me especially angry. It sure seems to me like with a trail left from a credit card there should be a means of cracking down on these people.


Now they’re using echecks.

1 Like

This is a newer version of an old scam. No popup in your browser is going to know if your computer is infected, and Apple, or Microsoft, or anyone else won’t either. If you have Malwarebytes scanning, or Intego’s VirusBarrier, which I like better for actual malware, you may get a notification, but not in your browser.


i use main rule do not open something that offered to you with out own ask about , and do not try to unsubscribe for that you do not subscribe for

Well, I have now been a victim of a really nasty scam. I regularly go to the obituary listing of the Syracuse newspaper. I spent 28 years as a pastor in Syracuse and want to be able to respond to families and friends when they have had a death. I regard this as an important task and have had little problem with reviewing the obits. Suddenly I will be looking through the listing and at times opening a particular notice when the screen below suddenly pops up - and completely locks up the program. Restarting doesn’t do a thing because it will happen all over - even though I did not use the browsing history to reopen the page.

I contacted the newspaper and received an e-mail saying they have referred it to the tech folk - that was well over a week ago. The beat goes on. And I have a wall full of protection software. What bothers me is this is stopping me from something very important and it is just senseless. I should have known this might happen when I sent $2,000 dollars to that dear lady in a very foreign country who e-mailed me using the most awful grammar and spelling to help her get her pancake making business started!!!

1 Like

I’m not sure if your post is legit or sarcasm. But I’ll assume legit.

You’re not a victim unless you clicked on the link and sent the scammer money. Did you?

Popup scams like this are unfortunately, all too common. The scammers write JavaScript apps to present scary warnings like this, along with code to make it difficult for you to close the windows or to continue using your browser session. They distribute these “apps” via advertising networks, so they will randomly hit people.

This is one of the reasons I run ad blockers on my web browsers. It prevents a lot of this garbage from ever loading, so I don’t need to worry about whether it is exploiting a vulnerability in my web browser.

Of course, the scam is pretty obvious, if you think about it. It is claiming that McAfee ran a scan on your system, found five viruses, and is asking you to pay money to activate a subscription. That’s not how antivirus software works. If you’re not paid-up, it doesn’t scan for anything. And all of the legitimate antivirus companies give away cleanup tools for free.

If the scam keeps popping up, see if you can clear your browser’s cache. You may be viewing an old, cached copy of the scam. If your browser has a popup blocker, use it. I recommend installing an ad blocker - configure it to block content everywhere except for those specific sites where you deliberately want to view ads (e.g. an ad-supported web site that you want to support).

And whatever you do, do not click on the button in the scam. That will take you to web pages that pretend to be McAfee, but will in fact steal your credit card information, running up massive charges that you will be forced to dispute.