Plenty of users are bombarding Apple support communities as well as other malware removal sites complaining about a persistent scam that is aimed at the owners of Mac devices.
How the scam works
The essence of the scam is based on the attempt to scare the end-user. When victims visit specific websites, cyber crooks show a pop-up page with an additional sound alert.
One of the victims reported the following address:
The webpage title says: “Your system is infected with 3 viruses!”
It continues: “Your Mac is infected with 3 viruses. Our security check found traces of 2 malware and 1 phishing/spyware. System damage: 28.1% – Immediate removal require!”
Although some tech-savvy users might suspect it is a scam, some other users get perplexed by the page that looks like an original Apple website and an “AppleCare Protection Plan” logo. It all may seem legit from the first glance.
As per user complains, this scam can often be found when visiting online streaming sites, torrent sites, free software download sites, etc. There is a deep psychological reason for that. People who download illegal copies or stream copyrighted material are already a bit scared of being caught. It is easier to influence them.
Again, each time this page pops up, it is accompanied by a loud beep. If you are using headphones, it may even hurt your ears.
As per MacSecurity experts, nothing serious happens here. Mac users should not worry.
In reality, it is a fake website that tries to convince you to download rogue software.
Some victims report they cannot block or close the page. However, the new version of Safari, in such cases, allows you to click the back button. Sometimes you have to click it twice. Safari browser will show a message and ask if you want to close the page. Just confirm that you really want to do it.
The rogue popups are shown by websites you visit directly, or by other websites you are being redirected to by the one you visited earlier.
If you go to the original Apple site, you will find that there is no “AppleCare Protection Plan” there. It simply does not exist. Impersonating the Apple site, creators of the page try to make it more convincing.
And the main goal of the loud beep sound is to scare users and make them think that something horrible has happened to their device.
To stay away from this scam, it is advised to avoid the initial site that shows the popup or redirects you to the scam webpage. Sometimes it is hard to find which website causes it. Checking surfing history in your browser and looking through recently visited websites may help.
No matter what type of website causes it, even if it is a useful resource, the owners of the site are actually crooks. They lure people into visiting their site by offering useful features/content, and in the end of the day, every user who goes there becomes a victim. They make money from installs of rogue software. That is the sole reason the website exists.
Sometimes highly reputable sites get hacked and start serving popups or redirect visitors to scam webpages. Owners of these sites do not run any shady business with people behind the scam. They are victims too.
Fake alerts in question do not pop up on just one particular site or a group of sites. There are myriads of sites that show rogue popups. It is almost impossible to stop them. Scammers set up their own servers to get around ISPs canceling their accounts.
When scammers’ URLs get blacklisted, they set up several new domains instead. There are billions of letter combinations to be used. It is a never-ending cat-and-mouse game.
What is even worse, there are quite a few countries outside the USA whose governments do not do anything to prosecute these cybercriminals, even when computer security experts report their location and names.
Problems with adware
Adware installed on your Mac can also show the scam webpages, attempting to make you buy worthless software. Sometimes they show pages with a phone number and request to call tech support. These are premium phone numbers, and users pay huge sums when calling.
You can get Mac adware by downloading free apps from unofficial stores. Once infected, users start to surf the web finding ways to get rid of nasty ads, alerts, and redirect. What is very sad, by doing that, they fall victim to other scams.
For example, many people end up downloading MacKeeper, which is a scam itself. MacKeeper suggests running a scan. After the scan, it asks for your credit card info to pay for the removal of infections. Some time ago, MacKeeper was everywhere. The unethical company behind MacKeeper invested heavily in aggressive ads and affiliate promotion.
It is some kind of a vicious circle. Users get scammed by fake popups and then trying to solve this problem, stumble upon MacKeeper and similar fake cleaning\antivirus tools.
If you dig a bit and read about Macs and other Apple devices, you will understand that all antivirus apps on the App Store are pointless. They cannot do what they claim as all Apple apps have numerous restrictions on what they can access and do.
After targeting Windows users, cyber con artists turn their heads toward Mac users. There are plenty of ways you can be scammed. The most important thing you can do is to change your attitude and develop safe cybersecurity habits.