Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Safari-Alert ?scam?

I was browsing Safari on my IMac today when I suddenly got a dialogue box supposedly from Apple Security called Safaro-Alert. It claims suspicious activity detected. Your browser might have been hijacked and then it gives a number to call 1-866-782-9**8 (Not Apple)

Since then I cannot quit Safari on the IMac and when I force quit it returns as soon as I open it.

Anyone else had this experience. Bob (Using my wife's MacBook)


<Personal Information Edited by Host>

iMac (21.5-inch Late 2009), OS X Mavericks (10.9.4)

Posted on Sep 3, 2014 3:29 PM

Reply
100 replies

Jun 2, 2015 7:44 PM in response to thomas_r.

Hello. So I'm not the most tech savvy person and I fell victim to this scam. It was on my IPad. I called the number and fell for everything they were telling me. They asked for my phone number, email, and credit card number. They sounded so helpful and I completely fell for it! I never dow loaded anything they said. They just said that they could help me and it would cost me $30. Now I'm a college student and am living with my parents. My mother after hearing this immediately told me that we need to take action. So we froze my credit card, called them and terminated my credit card account. Everything seems to be fine now. Nothing seemed to be taken. And even though they never asked for computer access, I made sure to call a legit support company and they said nothing thankfully was in our computers. This whole ordeal has made me so anxious just because I feel as though they will be angry about not getting the money, but I know now that they just wanted to get a quick $30. Everyone please be careful out there. Use me as an example of you must

Jun 25, 2015 5:39 PM in response to marlenefromdenver

So this afternoon I too fell for this scam. I did not take a screenshot of the original "alert" telling me that my computer has been compromised and that I must call apple. I paid this "company" $149 for them to clean my macbook pro and remove all of the viruses, or whatever they said. They had remote access to my computer and they said that I should not touch my computer for 30 minutes while the technician was working. While the "tech" was working I did write down all the things that were done to my computer.


They used

1: Citrix Online Launcher

2: TeamViewer

3: adblockplus.org

4: JSBlocker

5: CCleaner-I saw them put the cleaner into the applications folder

6: I also saw a window with "pings" and I have no idea what that is

They gave me a form for future tech support. On this form the contact email is: support@techguiders.com The two #'s listed for future tech assistance is:

1-844-617-2526, +1-844-415-5465

On the invoice from my payment the company name is Webtree LLC

2711 Centerville Road, Wilmington, Delaware 19801

1-800-810-3293

They also used two #'s to call me with during this process:

1: 661-748-0240

2: 702-330-5441

After I hung up the tech support I googled some stuff and then I realized it was a scam. I did have my doubts but for some reason I fell for it. I immediately called my cc company and I have to wait for the charge to go through before I contact billing to dispute the charge. I was issued a new card.

I now feel extremely vulnerable and I am mad at myself. I am extremely worried that they will access my computer in the future. I have an appt. with someone from the Genius Bar tomorrow evening.

I hope someone can give me some advice.

Aug 5, 2015 4:38 PM in response to delindafromboyd

I am beyond furious about this. I took a screen shot of the pop up window. I called them and as stated above, they pretended to be an Apple Tech. I allowed them access to my computer and I grew suspicious when they tried to up-sell me. I hung up on them and force quit the links. Since I have a back up, I proceeded to erase my hard drive and re-install Yosemite and then install my back up from nine days ago. I did not want to risk any trace of what they may have done to my computer to remain. That is why I did an erase and re-install. I am furious of this situation and I wish like anything that these people could easily be prosecuted to the full extent of the law... I really feel terrible for the people above that actually charged their credit cards... What a huge inconvenience to all involved...

Aug 18, 2015 8:11 AM in response to marlenefromdenver

I Had just replaced ny iPhone and had been working with Apple support when I received this pop up. I feel really stupid for calling the number, but I did. I captured everything the guy did in a wire shark trace. I stayed online with him long enough to find out what he was after , I think! He tried to get me to allow him to connect me to a company named Quick Solutions and for 280 bucks they will rid your PC/network of what he called a worm. Im not sure what he did before I figured out what was about to happen to me, but I first opened wire shark, which ****** him off. I let it run for a few minutes before killing the network. anyway, I have his IP address And the trace. I'm not sure that would make any difference, but is there anyone I could report him to that would to any good?

Aug 18, 2015 10:03 AM in response to Smshirk

Well done.


Apple's preferred method for reporting these kinds of things are both straightforward and obscure.


Forwarding an email to reportphishing@apple.com is the most common - but this doesn't cover your experience, methinks - but - sending a message to this address cannot hurt.


The obscure one is Apple - Legal - Contact - you will need to be methodical in your choices on this page, in particular:

  • Provide the URL of the MOST likely culprit (this may NOT be the "sharing" service, the SCAMmer may be using a legit service, but if that is all you have...)
  • Choose "Counterfeit & Knockoff Products" from the 'I have a question about:' MENU
  • Check the box "I have additional documents or photos to provide"
  • Choose "Internet Services" from the "Which Apple product is the most similar..." MENU


Again, good job.

ÇÇÇ

Aug 22, 2015 8:05 PM in response to marlenefromdenver

I got this today on the iPad. I somewhat modified the helpful instructions given here, and it seemed to go away. I turned of the wifi, went to Settings-Safari-Advanced. Then I turned off the Java script. I was finally able to open Safari and change the web site. I turned the java script and wifi back on, and now it seems to be working.

Oct 4, 2015 3:06 PM in response to Stephisa

This is what I got on my Mac in Safari just a bit ago: "

Are you sure you want to leave this page?


*********** System Security At Risk ***********


Critical Security Warning! Your Mac has detected a serious attack on this system, as your IP Address seems to accessed from two different locations at one time. A Suspicious Connection was trying to access Your Logins, Banking Details & Tracking Your Internet Activity.


Please contact the Mac Support team immediately at 1-855-266-8939(TOLL FREE) Â and provide error code UR97L1DA2TA to scan and resolve the" I did call, but got cold feet and didn't actually provide the error code or any other information. (I'm suspicious of such things by nature.) Am I okay or might they have been able to do something to my computer anyway? I was able, eventually, to get out of the stupid window and close Safari, which seems to be working fine now. Just checking if I should be worried.

Oct 4, 2015 3:58 PM in response to mrhcihocki

Good eye and judgement if you did nothing but ignore it and post about it here.


You could do further good deeds by copy/pasting your post into an email + the WEBSITE you were visiting when this happened to reportphishing@apple.com - AND - going here > http://www.apple.com/legal/contact/ < and reporting it as a "Counterfeit & Knockoff Products" - fill in all you can - especially the WEBSITE you were visiting when this happened.

Dec 9, 2015 12:15 PM in response to marlenefromdenver

I think this scam may be related to the Citrix Receiver. My wife just had this pop-up come up (same issue, locks Safari up, etc). She doesn't visit any 'suspicious' sites but installed Citrix Receiver over the weekend to access a virtual machine at her University campus. Fast forward a few days and now this pops up.


I had her uninstall the Receiver and the message has not popped up since. Is it possible that the Citrix Receiver somehow allowed this malware in if the University system was compromised?

Safari-Alert ?scam?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.