Topic: Fake Malware Warning

Blicj11

  • Storm
  • *****
  • Posts: 3941
    • EW3808
    • KUTHEBER6
    • Timber Lakes Weather
  • Station Details: Davis Vantage Pro2 Plus | WeatherLinkIP Data Logger | iMac (2019), 3.6 GHz Intel Core i9, 40 GB RAM, macOS Ventura 13.6 | Sharx SCNC2900 Webcam | WeatherCat 3.3 | Supportive Wife
Fake Malware Warning
« on: July 05, 2017, 03:54:22 PM »
Yesterday I received a fake malware warning in my browser. It looks amazingly legit, except for a few things.
  • AppleCare doesn't scan computers
  • Nobody can scan your computer remotely; they can only scan a file you upload to their server or have you download their files that scan your computer after being downloaded
  • While the URL appears to be from apple.com, legitimate URLs usually need not be this long - apple.com-webbrowsing-security.review/en/index.php?_jsess=e48eaf8c8cdaef2969ce6af2c53126a1&os=OS%20X%2010.12&app=MacKeeper&browser=Safari&voluumdata=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&zone=1559541-3197571367-2490902739&lang=EN&cid=14991980321120781210243231390299692&time=1499198033&campaign=44864134#b
  • The word MacKeeper appears in the URL - a dead giveaway that this is a scam - questionable company in Ukraine with clearly dishonest marketing techniques
I took a screenshot, copied the URL and then quit Safari and restarted it, and all was well. Fortunately, I run Safari in a Private Window so there is no remaining trace or history of that tab that popped up whilst I was reading an article on a site for a local newspaper.
Blick
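
The hostname point in the post above, as an added example (not part of the original post): a browser reads a hostname from the right, so the registered domain here is com-webbrowsing-security.review and "apple" is only a label under it. The brand table, the parameter threshold and the two-label domain rule are assumptions made for this sketch.

```python
from urllib.parse import urlsplit, parse_qsl

BRANDS = {"apple": "apple.com"}  # assumption: brand label -> its real domain
WATCHWORDS = {"mackeeper"}       # product name the post calls a giveaway
MAX_PARAMS = 6                   # assumption: cut-off for "longer than needed"

def registrable_domain(host):
    # Naive "last two labels" rule (assumption). It is right for .com and
    # .review; real tooling should consult the Public Suffix List (co.uk etc.).
    return ".".join(host.split(".")[-2:])

def analyze(url):
    if "://" not in url:          # URL pasted without a scheme, as in the post
        url = "//" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    params = parse_qsl(parts.query, keep_blank_values=True)
    findings = []
    for brand, real in BRANDS.items():
        owned = host == real or host.endswith("." + real)
        # Brand name used as a label of a host the brand does not own.
        if not owned and brand in host.split("."):
            findings.append(f"brand-lookalike:{brand}")
    if len(params) > MAX_PARAMS:
        findings.append(f"many-params:{len(params)}")
    for word in sorted(WATCHWORDS):
        if any(word in value.lower() for _, value in params):
            findings.append(f"watchword:{word}")
    return {"host": host, "registrable": registrable_domain(host),
            "findings": findings}

# URL from the post, with some of its tracking parameters left out.
SAMPLE = ("apple.com-webbrowsing-security.review/en/index.php"
          "?os=OS%20X%2010.12&app=MacKeeper&browser=Safari"
          "&zone=1559541-3197571367-2490902739&lang=EN"
          "&time=1499198033&campaign=44864134#b")

if __name__ == "__main__":
    for u in (SAMPLE, "https://support.apple.com/en-us"):
        print(analyze(u))
```

The exact-label match keeps hosts such as pineapple.com from being flagged, at the cost of missing labels like apple-support.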


wurzelmac

  • Storm
  • *****
  • Posts: 1361
    • ITIROLPR2
    • Wetterstation Prägraten am Großvenediger
  • Station Details: Davis Vantage PRO2 Plus (24h fan aspirated, wireless) with UV/Solar | Weather Envoy Data Logger | Mac mini 2023 M2 8/256 | 1x Canon EOS 1300D | macOS Sonoma 14.2
Re: Fake Malware Warning
« Reply #1 on: July 05, 2017, 06:03:28 PM »
Thank you Blick for letting us know!

 ThU32:-)
Reinhard


elagache

  • Global Moderator
  • Storm
  • *****
  • Posts: 6494
    • DW3835
    • KCAORIND10
    • Canebas Weather
  • Station Details: Davis Vantage Pro-2, Mac mini (2018), macOS 10.14.3, WeatherCat 3
We all need to be on our toes. (Re: Fake Malware Warning)
« Reply #2 on: July 05, 2017, 11:42:59 PM »
Dear Blick, Reinhard, and WeatherCat cautious world wide web surfers,

> Yesterday I received a fake malware warning in my browser. It looks amazingly legit, except for a few things.

Unfortunately it is relatively easy to fake a well-known site.  It is just about impossible to keep corporate graphics from being copied.  If you replicate the graphics and fonts - it will look extremely genuine.

> Nobody can scan your computer remotely; they can only scan a file you upload to their server or have you download their files that scan your computer after being downloaded

This is a nitpick but for the sake of completeness.  Software does exist for others to remotely control your computer.  This can happen for example when you are beta testing some software and the developer would like to look at your installation to see if he/she can spot what is causing a bug that he/she cannot easily replicate on the development machine.  Since such remote control is possible, someone could come up with a service to remove malware remotely and there might be customers who are too busy to do this stuff for themselves.  However, quite clearly you need to give permission for this sort of remote control to happen.  Still, given that the art of deception is constantly growing, one should certainly be extremely careful in ever allowing anyone to control your computer remotely.

Cheers, Edouard  [cheers1]

xairbusdriver

  • Storm
  • *****
  • Posts: 3126
    • EW7115 (E7115)
    • KTNGERMA20
    • Mid-South Weather
  • Station Details: Davis VP2 wireless + remote Anemometer/2014 Mac min - 10.15.7/WC 3.0.5
Re: Fake Malware Warning
« Reply #3 on: August 16, 2017, 04:49:05 PM »
Sent the following plain text to some friends who use Windows. "http.../www.thewhir.com/web-hosting-news/microsoft-warns-users-to-be-diligent-as-tech-support-scams-get-more-sophisticated"
(I had to separate some of the url to prevent the friendly forum software from converting the text to a link. Not worried about here, but I just wanted to show what was in the email.)

I also reiterated the warning to NEVER, EVER click a link in an email. I encouraged them to go directly to the company mentioned in the email and look for help there. I also suggested that their browser may even recognize the site they want to visit with only the first few letters of the site's name. If the browser is guessing correctly, simply stop typing and press return/enter. That could avoid the human problem of mispeling the name and ending up at a malware site that actually uses that mizspeld domain!

Of course, too many folks my age seem to not understand how easily a human brain can be tricked...
Now, about that land in East Miami...
THERE ARE TWO TYPES OF COUNTRIES
Those that use metric = #1 Measurement system
And the United States = The Banana system


TechnoMonkey

  • Strong Breeze
  • ***
  • Posts: 127
    • EW9323
    • KTXARANS6
    • TechnoMonkeys Weather
  • Station Details: La Crosse WS-2315 / High Sierra Server / Mac Mini 2.3 GHz Intel Core i5/ 8GB Ram / OS 120GB SSD / Home Folder 500GB FireWire / DATA 8TB RAID 5 / 1TB TIME CAPSULE
Re: Fake Malware Warning
« Reply #4 on: August 17, 2017, 02:54:34 AM »
Those scams are directed at ex-windoze users.  Windoze users got used to clicking and downloading everything possible that suggested any hint of increased performance.  It all stems back to the old days when "Mac has eight programs but windows has thousands, why would you want a Mac?".  They always neglected the part about how the eight programs actually worked and Mac didn't need thousands of non-working programs.

Macs are headed to the windoze way of life (yeah, that really sucks, but what can we do), but the OS itself is still pretty tough to crack without permission.  When a Mac asks you for a password and that is not what you expected, BACK THE F**K AWAY!