Q: What should you do if you called the Virus alert 800-741-4144 number?

Don't tell them anything, don't let them access your Mac.

It is a fraud & a scam... Hope you did not call.

This is referred to as phony ransomware.

The browser itself needs to be quit, use Force Quit in the main Apple menu.

• Force an app to close on your Mac - Apple Support

Choose Safari, click force-quit. If that doesn't work as a first step, read more:

See details in this tip created by a member and contributor here in ASC:

Phony "tech support" / "ransomware" popups and web pages

To see or read what's said about clearing out the browser, and perhaps

similar items related to popups and adware, this covers Safari browser.

•Stop pop-up ads and adware in Safari - Apple Support

Hopefully you didn't fall for paying them...

Good luck!

You may consider for security to change passwords and if you store bank or

financial information in your computer, change those passwords to access...

Anything open to you in Admin owner account was open to their remote access.

So that means they were likely able to harvest open information stored in there.

According to the Phony "tech support" / "ransomeware" linked topic information:

"Worse yet, they may attempt to deceive you into granting them remote control of your Mac,

conceivably enabling them to install a "backdoor" granting criminals unfettered ability to har-

vest any or all the information contained on your Mac, to be used for any conceivable purpose.

That's a road you do not want to travel...."

If you have a bank card and other access, passwords to Apple ID (your mail is name)

can be changed; not the AppleID itself; you may need to contact your bank, etc.

I'm not sure what else to check, and the time is near 3 AM here; so I'm rather tired.

Avoid downloading junk-ware cleaning apps that mostly are other scams; they are

not able to correct the after-effects of allowing strangers via remote access into your

Mac, past the security of your own control. There are preventative actions, first.

How to install adware - actually how to avoid it, + how to uninstall it

Some may suggest to get and run an app created by another ASC contributor that has

helped in looking for some evidence of added artifacts that may mean adware malware

or other bits; or maybe symptoms of an issue can be found this way, in troubleshooting

performance. The http://etrecheck.com/ app is helpful if you read through to see what

it can do, and how to use it, and how to understand what it finds, then what to try to do.

This can also generate a report that could be posted as text into an ASC discussion.

And it may not apply to this. Another item that is also originally created by a different

contributor to these ASC discussions, was formerly known as AdwareMedic by T. Reed;

now it is a malwarebytes product, it is free http://www.adwaremedic.com/index.php

Perhaps someone will see this, as the time here is 3AM, so it's 7AM EST US & add ideas.

So I am hopeful but pragmatic.

Assume they have access to anything in there...

Sorry to not have any exacting further ideas in this matter.

TaylorABflwr26 wrote:

 

They got remote access...

They might have installed keylogger or other software which you wouldn't know about. It may be advisable to completely erase your Mac and reinstall the system and your data. In any case you should also change your credit cards and bank etc. passwords.

If you gave them access to your Mac it wouldn't give them access to your phone etc. However you should change your iCloud password - sign out of iCloud on all your devices before you do this, then change the password and sign back in.