My husband was using safari watching a youtube video, He put it on pause and opened another safari window to google the person.
and then this window in safari popped up
I closed the window, is there anything else I should check his computer for?
Thanks.
Yes, itâs a scam. I can no longer reach that domain.
Malwarebytes has a free tier that will check your Mac for known malware.
It is 100% a scam. Itâs unlikely that it did anything actually harmful to your computer as long as you didnât click anything else or download something from the page. Just close the window and you should be fine.
It is a scam, and do not click on anything in that window. Apple cannot remotely scan your Mac. Close the browser, then shut the Mac down and wait a few minutes, and then reboot.
One other thing to do:
Go into Safari->Preferences->Privacy and search for the URL of the site that triggered the warning. Select it and tap the âRemoveâ button to remove anything cached from the site and any cookies left.
In addition to what everybody else said, I recommend running an ad blocker. Either as an add-on to your browser or some other mechanism.
Scams like this are often distributed through advertising networks. Some random web siteâs ad tells your browser to open a popup window, which presents a scary looking page like this one. If you click on the link, it will try to install malware. Various security mechanisms in your browser and/or macOS should require your approval, but the scammers are expecting that you will give it approval because of the scary web page that claims to be from Apple.
If you are blocking ads, then you probably wonât see the scam at all, since the ad network itself will be blocked.
All this having been said, some telltale signs that this is a scam:
system-appstore.com domain. Apple would be using a domain that Apple owns. Probably something under apple.com or icloud.com.
Pop up scam. Do not click on the button to âscanâ. Close window and go about your day.
Apple can run remote diagnostics if you want Applecare
@Simon I second the Malwarebytes recommendation. I have them on all my Macs, my iPhone and my iPad Pro. The iPhone app is really great at both blocking and/or highlighting questionable calls. The Mac app is excellent and right on top of things - daily scans and alerts when needed.
Great advice in the other responses here. Iâm recommending to my brother that he check this discussion because he is having some issues and really has neither the time nor the tech comfort to know how to respond to the ever changing security issues online brings to us these days. Thank you all!
Geez, you are right. I forgot that Apple Care ran diagnostics on my iPhone years ago.
I assume this was some kind of remote-access app where they ran a utility and collected results as a part of investigating a problem you had already reported to them.
Iâm sure they didnât randomly scan your system without your knowledge and then deliver the report by interrupting a web browsing session with a random popup window.
Thereâs this solution hat is lost in the history archives.
I recently did something (donât know - fat finger maybe) that caused a very ransomware-ish page to open. I force-quit Safari and then held down the Option key to relaunch Safari. Safari launches with no tabs. You can go to History to reopen the good tabs. HTH Mike
I consider it good practice to configure web browsers to never automatically re-open windows from a previous session. This way, if you must force-quit the browser, it wonât re-open with the tabs/windows that were causing problems. On Safari (at least on Catalina), hereâs the relevant preference:
#Recognize and avoid phishing messages, phony support calls, and other scams
Those pop-up virus messages are ALWAYS a scam. They might claim to be from Apple but theyâre not. Hysterically, it can even claim to be Microsoft tech support and my Mac clients still fall for it! Sometimes, like in the OP example, if you click on the link it will install some malware.
In a more harmful variation, thereâs a phone number to call to speak to a âtechâ. The victim usually freaks out because itâs a JavaScript trap that they canât figure out how to get rid of (itâs actually pretty easy). So they call.
Typically, the âtechâ get remote access to your computer, open the system log, and proceed to do very technical scary looking stuff. Then theyâll ask for a credit card number. Ostensibly this is for âlifetime protectionâ.
Having had maybe a dozen of my clients fall for this over the years, I worry that some sort of keylogger or spyware is being installed, but I think maybe all theyâre after is the credit card number. Years ago they only charged a couple hundred dollars. The last incident I heard about it was $2500. Almost always the victims are older people who are pretty insecure about technology anyway.
Scammers that victimize older people really make me especially angry. It sure seems to me like with a trail left from a credit card there should be a means of cracking down on these people.
Now theyâre using echecks.
This is a newer version of an old scam. No popup in your browser is going to know if your computer is infected, and Apple, or Microsoft, or anyone else wonât either. If you have Malwarebytes scanning, or Integoâs VirusBarrier, which I like better for actual malware, you may get a notification, but not in your browser.
i use main rule do not open something that offered to you with out own ask about , and do not try to unsubscribe for that you do not subscribe for
Well, I have now been a victim of a really nasty scam. I regularly go to the obituary listing of the Syracuse newspaper. I spent 28 years as a pastor in Syracuse and want to be able to respond to families and friends when they have had a death. I regard this as an important task and have had little problem with reviewing the obits. Suddenly I will be looking through the listing and at times opening a particular notice when the screen below suddenly pops up - and completely locks up the program. Restarting doesnât do a thing because it will happen all over - even though I did not use the browsing history to reopen the page.
I contacted the newspaper and received an e-mail saying they have referred it to the tech folk - that was well over a week ago. The beat goes on. And I have a wall full of protection software. What bothers me is this is stopping me from something very important and it is just senseless. I should have known this might happen when I sent $2,000 dollars to that dear lady in a very foreign country who e-mailed me using the most awful grammar and spelling to help her get her pancake making business started!!!
Iâm not sure if your post is legit or sarcasm. But Iâll assume legit.
Youâre not a victim unless you clicked on the link and sent the scammer money. Did you?
Popup scams like this are unfortunately, all too common. The scammers write JavaScript apps to present scary warnings like this, along with code to make it difficult for you to close the windows or to continue using your browser session. They distribute these âappsâ via advertising networks, so they will randomly hit people.
This is one of the reasons I run ad blockers on my web browsers. It prevents a lot of this garbage from ever loading, so I donât need to worry about whether it is exploiting a vulnerability in my web browser.
Of course, the scam is pretty obvious, if you think about it. It is claiming that McAfee ran a scan on your system, found five viruses, and is asking you to pay money to activate a subscription. Thatâs not how antivirus software works. If youâre not paid-up, it doesnât scan for anything. And all of the legitimate antivirus companies give away cleanup tools for free.
If the scam keeps popping up, see if you can clear your browserâs cache. You may be viewing an old, cached copy of the scam. If your browser has a popup blocker, use it. I recommend installing an ad blocker - configure it to block content everywhere except for those specific sites where you deliberately want to view ads (e.g. an ad-supported web site that you want to support).
And whatever you do, do not click on the button in the scam. That will take you to web pages that pretend to be McAfee, but will in fact steal your credit card information, running up massive charges that you will be forced to dispute.
