"Your Apple Device has been locked..." Another Scam

Jan 15, 2016

 

Does "http://www.alerts-safari.info" say "Your Apple Device has been locked, due to security reasons"? Don't panic, it's not – just don't call the number.

 

Earlier today I accidentally misspelled a url and stumbled into a crude attempt at browser hijacking. The message below was displayed, and it was impossible to close that window, switch tabs, etc. It did indeed seem like the computer, or at least the browser, was locked.


Your-Apple-Device-has-been-locked-due-to-security-reasons.jpg

 

The full text of this part reads as follows:

 

From "http://www.alerts-safari.info"
 
Safari - Alert
 
Your Apple Device has been locked, due to security reasons. You are advised to call the number the helpline number +1 800-870-3001 as soon as possible.
 
Please do not use your device it may lead to stealing of data, contacts and personal information.
 
Kindly speak to the customer care representative in order to get this resolved. Call Support for Apple now on +1 800-870-3001.


 
Your Apple Device has been locked, due to security reasons. You are advised to call the num

 


It's Quite Obviously A Scam

There are no shortage of indicators this is some kind of scam...

the url "www.alerts-safari.info" might seem official but if it doesn't end in apple.com it's almost certainly not from Apple.
there are a number of obvious errors in grammar, most notably "you are advised to call the number the helpless number...". No way Apple makes mistakes like that.
So there is no way this is real, the only question is what to do next.


But It Is A Bit Of A Problem

The problem is that the machine appears, to some extent, to be locked. You can't choose a different tab or do anything else in Safari. Clicking the OK button just brings the same dialog box back up. Force quitting and restarting Safari (even rebooting in between) will just reopen the tabs, including this one, which reintroduces the problem.


No Matter What, Don't Call The Number

It's the first step towards much more serious trouble. A helpful sounding agent (who is most definitely not with Apple) will connect to your machine remotely to perform "diagnostics", then explain that while they can fix the problem, but because you are no longer under warranty, they'll need $500.

And those "diagnostics" also involve installing much more serious malware, spyware, etc. on your machine. In addition to losing $500 you are also further compromising your machine and creating a bigger problem. You don't want to get stuck in a nightmare like this.

There is absolutely nothing good that can come of calling, only more problems, so don't even waste your time.


The Fix Is Actually Very Easy.

So easy you may overlook it. Just click the little checkbox at the lower left that says "Don't show more alerts from this webpage". This is Apple protecting you, with a feature added to later versions of Safari, designed to protect you from exactly this kind of browser hijacking.

Once you close that window, you'll see another scary message that fills the entire browser window – the one shown in the header of this post. Again just ignore it – you can now close the browser tab/window, and that is exactly what you should do.

 


Another Fix

If you are running an older version of Safari, and don't see the "Don't show more alerts from this webpage" option the fix described above is not going to work.

First you will have to Force-Quit Safari, either by clicking the Apple Icon at the top left of your screen (not the browser window but the screen) and selecting "Force Quit...", or by pressing the Command-Option-Escape keys simultaneously.

Both options will take you to the "Force Quit" Window. From there you select Safari from the list and then click the blue button labeled "Force Quit". If you are interested there are still more ways to force-quit an application in Mac OS X.

So - progress. But, depending on your settings, Safari is still likely to try and reopen that same page the next time you launch it, and the problem just starts all over again. The next step is to make sure that doesn't happen, and a couple of simple options for opening Safari without opening the windows from the last session are covered in a different post.


Avoiding The Problem

To avoid the problem in the future, or at least ensure you have a way of fixing it, check your Safari security preferences.

safari-security-setting.png

It is very important to keep the box that says "Block pop-up windows" checked.

Unfortunately this may sometimes interfere with the correct intended behavior of legitimate websites – not very often, but it can happen. When it does you will usually get a dialog box explaining the problem.

In such a case, if you are certain the site is legit, you can temporarily uncheck the "Block pop-up windows" box to you can complete the task. After that you should immediately check it again.

 

Under The Hood

How does this kind of browser hijack work? Most commonly they involve a kind of loophole in Javascript. Javascript alerts often issued when a website need to inform you of some kind of error or other detail. Clicking an “OK” or “Cancel” button should – and generally does – make the alert the alert go away.

By instead putting the alert in a loop, a website can force the message to display repeatedly. This effectively locks out all other functions of the web browser, and giving the impression the browser is indeed locked.



Tags: Security

Related Content

How To Migrate Google Authenticator To A New iPhone

Instructions on how to move Google Authenticator to a new iPhone so you don't lose access to accounts with two-factor authentication enabled.

Why Have Security Questions After Password Authentication?

Asking security questions after password authentication is not just pointless, it actually makes things less secure.

How To Securely Hide (and Encrypt) Files On Mac OS X

How to hide/secure files on your Mac: An easy approach to protecting your data by securing, hiding, and encrypting selected files and folders in Mac OS X.

Security Through Obscurity On Mac OS X – Better Solutions

A look at how security through obscurity (hiding files) is doomed to fail in Mac OS X, plus a look at some easy ways to truly secure files on your Mac.

Showing Hidden Files vs Hiding Regular Files in Mac OS X

They might seem like flip sides of the same coin but the techniques used to show hidden files on a Mac are not the best solution for securely hiding files.

What Does Incognito/Private Mode Really Mean?

The incognito or private mode in your web browser can offer you some additional privacy but not as much as you may think, and you still need to be careful.

Short Guide to (Finding, Sharing, etc.) SSH Keys on Mac OS X

A short guide to SSH keys and Mac OS X: How to create, find, share and add SSH Keys (and deal with related SSH errors and warnings) on Mac OS X.

Open Safari Without Opening Windows From The Last Session

How to open Safari without automatically re-opening windows/tabs from the last session. This can save you if you ever run into ransomware.

Multi-Factor Authentication With Google Authenticator

Using Google Authenticator to increase digital security through the use of multi-factor authentication.

What is Multi-Factor Authentication?

Understanding the concept of multi-factor authentication really isn't that hard, but it is an important step towards better digital security.

Category List


Tag List


Tag Cloud



Archive