Safari-Alert ?scam?

Your advise worked perfectly.

Thank you.

Thank you so much, Linc.

My computer is running OS X 10.10.3. I followed your instructions with one difference and the problem seems to be resolved. In case anyone else has the same experience, here's what happened:

Steps 1 and 2 were not successful.

Step 3 seemed to work. There were no unfamiliar downloads.

But when I reopened Safari, the same screen appeared.

I repeated the instructions, with this addition: After force-quitting and restarting Safari again, on the Safari drop-down menu, I selected Clear History and Website Data, then Clear All History, then Clear History.

Then I resumed Step 3 of your instructions. When I reopened Safari, the scam page and pop-up were gone and the browser is functional. At least so far.

Thanks again.

The same thing just happened to me, I had this number pop up with the "Phishing attempt" box and I would not get rid of it even after restarting my computer. 1-877-899-1824. They told me someone form Arizona had hacked into my computer. I gave them control of my mac and they installed "Clean my mac" software and this all took about 1.5 hours as I was on the phone with them. I gave them my name, address and phone number and they had me electronically sign some "agreement" that I would pay with a check and send it out in the mail. $300.00 for 1 year of protection. I have not paid anyone yet and will not, but now I'm scared that these people have my personal information, and still have control of my computer somehow. What do I do now?? Can I take my mac to an apple store and have them look at it and get rid of whatever they put on my computer, (if anything)? Please give me some advice!

bad news. I expect thomas_r will chime in shortly...

The Safe Mac » Tech support scam pop-ups

The fact that you gave them remote access to your computer is bad. They may have left some little nasties around, like a backdoor to get back in to your system in the future or a keylogger to steal your passwords. They may also have accessed any of the unencrypted data on your hard drive.

To start, erase the hard drive and reinstall everything from scratch:

How to reinstall Mac OS X from scratch

Alternately, if you use Time Machine (or something similar) for backups, you can restore your whole system to a point in time prior to giving them access.

Once you have a clean system, you need to start doing things to protect yourself. Change all passwords for all online accounts. If you have any sensitive financial data in unencrypted form on your computer, such as credit card or bank account numbers, notify the company/bank of the potential breach in each case.

These people may also have enough information at this point to effectively steal your identity, so it wouldn't be a bad idea to sign up for a credit monitoring service, like LifeLock. (I don't actually know if LifeLock is any good or not, and don't recommend for or against them; that's just the one that most people recognize, so I used it as an example.)

DO NOT send the check!

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

I'm new to mac and had same problem. I typed same website address to firefox and when I closed dialog window firefox asked me if i want to open next dialog window (i ticked that don't) Website is www. applealert .co.uk/popup (no spaces- do not open it in safari 😉 )

what works is to delete safari cash file, turn off internet, open safari, close problem tab/window, then turn internet again.

att image is firefox screenshoot and its inspector tab.

THX thedb84 for tip

citipunk

Welcome to ASC - for a new Mac user, pretty spiffy problem solving! I predict a bright future here helping folks. Keep it up.

buenos tardes

ÇÇÇ

This just happened to me in Google Chrome. I had no idea what to do so I called the 877 number that was referred on the popup... I'm pretty sure the number is affiliated with the popup and is part of the scam. The guy basically hijacked my computer and kept asking for more and more information. I know enough about IT to know when I'm getting jacked around by someone, so I kept asking questions and making suggestions but he ran me in circles like I was stupid. Finally when he told me I would have to pay 200$ and let him work on my computer for 30 minutes I was like YEAH RIGHT and told him I couldn't pay him for that and hung up. Just shut your computer off, unplug it or hit the button whatever you can do shut it down. Then when you open up the page will say you'll need to resubmit because it's timed out. Just close the tab and you should be fine. I changed my passwords and things too because he made me download something called Rescue.Me and I wasn't sold on it being safe and I'm keeping an eye on my bank accounts since I shop online sometimes.

Just don't call the number, they just want money and you can fix the issue yourself.

Crivellone

You did good = EXCEPT you DOWNLOADED what they told you!

Consider your Mac compromised.

See the replies in Anybody hear of Geek Technical Support? They seemed to know what they were doing, but their business practices were suspicious. - especially the ones from etresoft and thomas_r

ÇÇÇ

Soo SOO helpful! just saying.....

thank you!

Thanks this worked a treat!!

Thank you, thank you Linc Davis.

So I called the number and gave them my email and name. When they asked to access my computer I hung up. I found this chat room and read through everything. I deleted my downloads and my website data. Is there anything else I need to do? I am just worried they have access to my computer. But they can't do that with my name and email can they?

If you didn't download and install something to give them remote access, they can't have taken it. You're fine.

Yes, this should be fine. Apple had me close down and restart. When you see the gray screen hold down "shift" and that will get you to a safe screen so you can delete everything. You could also go to Safari -Preferences - Security - and disable Java Script; leave the Preferences Dialogue open. Close the malicious window. Re-enable Java Script.