Adware scam by CBR Tech Solutions
I am writing this post to alert the community to an adware scam that is currently victimizing Mac users.
There is a PUP circulating within Macs that in the pc world is known as securitylog.systems. It creates a popup that informs the user of potential security threats and infections and then advises the user to contact a team of IT professionals via the toll free number 866-***-****.
That number and this scam is being run by a company called CBR Tech Solutions with a US office in Elizabeth, NJ but using tech people in India.
Unfortunately this scam victimized an underage minor, in this case my daughter. Based on the alarming alerts from this popup, CBR manipulated her to 1) give up her MacbookPro password and 2) provide her student debit card number to which CBR charged $191 for three months of "tech help." By the time I was told what was going on, the CBR tech in India had taken control of her laptop and installed MacKeeper, Sophos, and LogMeInRescue - all programs notoriously difficult to remove and in the case of the former, a known contagion for adware and malware. From what I can tell (and hope), CBR did not install any other software and some people consider Sophos to be a reliable product (while others do not). I think the primary scam that CBR is perpetrating is the manipulation of the user to pay for the "tech support," and the self-perpetuating cycle of adware that then needs a tech support "fix" by some of the same companies creating the adware in the first place.
My daughter was in tears when she realized what had happened and I am using this as a great teaching moment about "safe harbor" computing practices. We were able to alert Chase Bank credit card fraud protection department to advise them of the fraudulent CBR conduct and cancel the debit card before the pending charge was completed, and I believe I have restored her computer now after three hours of headache.
It's unfortunate that the Mac world has its cancers like CBR but hopefully others can avoid this problem by being made aware of this particular scam, how it works, and its perpetrators.
<Edited by Host>
MacBook Pro, OS X Mavericks (10.9.5), null