978-502-7672
978-502-7672
Tap to dial
Stacks Image p3220_n3871
Stacks Image p3220_n3873

Swear by your computer, not at it.

Swear by your computer, not at it.

Stacks Image 3229

TekBasics Topics

TekBasics Topics

TekBasics Topics is a blog that is updated occasionally with tips, news, and advice of interest to TekBasics clients.

Be careful where you step

The other day I typed whitepages.com into my Safari browser. I was greeted with a notification that my Adobe Flash Player is out of date and that I should download the latest version.

Something didn’t feel right. The icon accompanying the notice looked like a white LEGO brick with a sad smiley face. Would Adobe or Apple use that icon? Why wasn’t it the red Adobe Flash Player icon? So I looked at the web page address and it wasn’t what I had typed. I must have made a typo and I was redirected to a page I had never seen before. I realized I was being scammed. I had two choices… click on a Download Flash button or an OK button. Well, I didn’t want to download anything from this page so I clicked on the OK button.

I should have quit Safari because something downloaded even though I thought I was dismissing the message. I checked my Downloads folder and sure enough, there was a downloaded file named adobe_flashplayer_e2c7b_Setup.dmg. Needless to say I trashed it immediately.

Was my Flash Player up to date? To check, I opened System Preferences and clicked on the Flash Player icon in the bottom row. I clicked on the Advanced tab and clicked the Check Now button in the Updates section. I was assured there were no new updates and that my Flash Player was up to date.

I’m an Apple consultant and I almost got tricked into installing scamware. They’re out there looking for you, too.

It was probably a phishing attempt to get me to enter my personal information onto a bogus website. Or it may have been malware that would cause my browser to pop up a message telling me my Mac has problems and I need to call a toll-free number to have an expensive system maintenance utility installed on my Mac that would keep my Mac running smoothly.

You’ve probably heard the old joke… Looks like it. Sounds like it. Smells like it. Feels like it. Tastes like it. Sure am glad I didn’t step in it.

Be careful where you step.

UPDATE 2015-March-5 — John Braun writes in The Mac Observer that he also downloaded adobe_flashplayer_e2c7b_Setup.dmg in his article: Apple’s OS X Gatekeeper Leaves Hole Open for Malware and Adware - Here’s How to Protect Your Mac.

Malware on a Mac?

We recently fixed a client’s Mac with several problems:

  • On startup an unauthorized diagnostic scan occurs
  • Ads popping up everywhere
  • Popup windows appearing
  • Invasive links
  • Very slow, sluggish browsing

This was a first for TekBasics. We’ve had clients who have been scammed, but this was the first time we were asked to fix malware on a Mac.

We would like to name the apps that we fixed, but the companies behind these apps are suing people who are calling the apps malware. For example, David A. Cox recently posted on www.facebook.com/pcclassesonline that his company paid over $17,000 in legal expenses after a lawsuit was served by the maker of MacKeeper. Cox had warned people about downloading it and called it malware.

TXXXXXXXXXC is scamware / scareware that automatically scans your Mac, reports issues, and then asks you to go to their website to purchase a tuneup app.

MXXXXXXXR is very similar to TXXXXXXXXXC.

TROVI is adware that hijacks your browser, changes your browser settings and displays advertisements and sponsored links in your search results in order to boost advertising revenue.

‘Suspicious Activity Might Have been Detected’ is a scare message displayed by a browser. The message is displayed by a rogue JavaScript message that prompts you to call APPLE SUPPORT at a toll-free number and visit MAC-ONLINE-SUPPORT.COM. This is very misleading and might even be illegal because you are certainly not calling Apple. It is surprising that Apple has not shut these folks down. But like in the Whack-A-Mole carnival game, as soon as one is shut down another pops up.

Not only was this the first time TekBasics was asked to fix malware problems, but there were several malware issues… and they were all on the same Mac!

Where did this malware come from? According to Ed Bott on ZDNet, ‘…the overwhelming majority of malware is installed by the victim, who is fooled by social engineering…’ For example, a certain malware app has advertising links on speedtest.net and it is easy to be tricked into clicking a button you think will begin the speed test, but instead it downloads a malware app. File sharing and music sharing websites are also often sources of malware.

Click safe.

UPDATE 1/21/2015: What ‘MacKeeper’ is and why you should avoid it

UPDATE 7/7/2015: Scary Internet Scam Becoming Disturbingly Common

Scam alert! It happened to a client, and then it happened to me

In August a client called me, concerned she might have been scammed.

She received a phone call from a guy with an Indian accent who said he was from Microsoft technical support and he was calling because her computer was causing problems with the World Wide Web. She let him install software on her Mac so he could demonstrate the problem to her. (She realized later it was absurd that Microsoft was calling her… she uses a Mac, not Microsoft Windows.) He fast-talked her into purchasing virus protection software for $200, which he installed remotely.

When she called me to ask if this was legitmate I advised that she contact her credit card company and cancel the transaction. Turns out the scammer also billed her for five years of software updates at $50 per year. She cancelled her credit card and ordered a replacement. Because her computer had been compromised she was concerned about her privacy, so TekBasics reformatted her disk and reinstalled her applications, eliminating any trace of the scammer’s software.

Two weeks ago I received a phone call from someone promoting the same scam. They’re out there. Be alert and do not fall for this scam.

You can find many reports of this scam by searching the web for ‘Microsoft support scam.’

UPDATE 7/7/2015: Scary Internet Scam Becoming Disturbingly Common

Show more TekBasics Topics

Login

TekBasics Topics is a blog that is updated occasionally with tips, news and advice of interest to TekBasics clients. TekBasics provides consulting and support for Apple product users near Nashua, NH.

Stacks Image p4537_n4512
I’m Dave Price and I've used Macintosh since it launched in 1984. I've always been the go-to Mac guy during my teaching years and high-tech career. I started TekBasics in 2010 because of the need for an Apple resource in the Nashua area. I look forward to working with you, whether it's troubleshooting or learning more about Apple technology.

When I'm not on my Mac I enjoy spending time with my family. I'm a husband and father to three grown kids and I'm blessed that my two grandkids live nearby.

Contact Us
Call 978-502-7672 between 9:00 a.m. to 5:00 p.m. Monday thru Friday.

Stacks Image p4537_n4738

Calls received after business hours will usually be returned the next business day. If we don’t answer immediately we’re probably with a client. Leave a voice message or send an email and we’ll call back as soon as we can.
Learn Apple Products
Take advantage of the many resources available to learn about Apple's products:
Stacks Image p4537_n5276

Contents © 2017 TekBasics. Apple, Macintosh, Mac, OS X, and macOS are trademarks of Apple, Inc., registered in the U.S. and other countries.