Pop up from apple security

Scam. Apple will never contact you to warn you about malware infection.

Close the window/pop-up. Don’t click on any links, or make any phone calls, or respond to any mail messages.

Due to the system architecture of iOS/iPadOS, unless jailbroken (don’t go there!), your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable. Be wary of the myth, repeated by many, that Apple devices are immune to malware; those that perpetuate this untruth simply do not understand the broader threat landscape.

There is one potential source of immediate issues with your iPad that you may need to check - this being for a vulnerability that is often exploited that gives the appearance of a malware infection. This involves your iPad/iPhone Calendar - the symptom being your Calendar appearing to have been populated with regular events that warn of malware infection.

Calendar Infection

Whilst not a malware infection in the traditional sense, if this exploit is observed on your device, it is highly probable that you were manipulated (via a simple click on a website link) into “subscribing” an additional (unwanted) Calendar to your device - and this unexpected Calendar is exposing unwanted calendar events and sending you unexpected “adverts” or other warnings. 

If you see this issue, you’ll need to check for what’s out of place...

iOS/iPadOS13 and earlier: Settings > Passwords and Accounts

iOS/iPadOS14: Settings > Calendar > Accounts

Look for an “account” that shouldn’t be in the list of accounts - as this will likely include the Calendar that contains all the unwanted events. When/if you find the suspect account, tap - then select Delete Account. This should resolve this specific problem in its entirety.

Malware

Most alerts that you see are pop-up messages from websites - these being designed to scare the unwary into giving away sensitive information - or to fool you into doing something that you shouldn’t.

Browser-based attacks can largely be mitigated by installing a good Content and Ad-blocking product. One of the very best and most respected within the Apple App Store - designed for iPad, iPhone and Mac - is 1Blocker for Safari.

https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024

1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance. All processing takes place on your device - and contrary to expectations, Safari will run faster and more efficiently. 

Unwanted content is not simply filtered after download (a technique used by basic/inferior products), but instead undesirable embedded content blocked form download. A extra benefit on metered services, such as cellular connections where you data may be capped or chargeable, this not only improves speed but also saves you money.

1Blocker has also introduced its new “Firewall” functions for iOS/iPadOS15 - that are explicitly designed to block “trackers”. Being implemented at the network-layer, this additional protection works across all Apps.

A further measure to improve protection is to use a security focussed Recursive DNS Service in preference to automatic settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router. I strongly recommend using one of the following services - for which IPv4 and IPv6 server addresses are listed:

Quad9 (recommended)

9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9

OpenDNS

208.67.222.222

208.67.220.220

2620:0:ccc::2

2620:0:ccd::2

Cloudflare+APNIC

1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001

Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other Content Blocker provides defense in depth.

There are advanced techniques to further “harden” iOS/iPadOS, but these are perhaps beyond the immediate skills of novice users.

I hope this information and insight proves to be helpful.