While the Mac is still the most secure operating system known to man, several security threats are becoming more prevalent for Mac users. These threats are actually more of a nuisance than a critical security threat. You don’t have to worry about changing all your passwords or bank accounts if you fall victim to these, but they are unsettling intrusions.
The threats come in two categories: adware and fake security alerts. This post covers fake security alerts, see our related post about adware.
Fake security alerts happen when you visit a web page and a window pops up with a security warning. These warnings claim that a security issue has been identified with your computer and advise you to call a phone number, listed in the alert, for help in resolving the issue. These alerts sometimes use other scare themes like warning you that your computer has been locked down or that illegal files have been identified. Don’t believe anything you read in these warnings.
These alerts are just a form of pop-up window designed to be un-dismissable. There’s no close-window button normally found in the upper left, and clicking on any of the buttons that are displayed in the window brings the pop-up alert window right back. These fake security alerts are made more irritating by the fact that Safari and other web browsers normally bring you back to where you left off the next time you relaunch the browser. You can force quit the browser, or even restart the computer, but when you launch your web browser again, you’re right back to the alert.
If you find yourself trapped by one of these alerts, first know that they are entirely false. Anyone on any computer will see the same message if they visit the same page that triggered the alert for you.
To get out of the fake alert trap, you need to force-quit, then relaunch your browser while overriding the feature that brings you back to where you left off.
These fake alerts usually disable your ability to quit your web browser normally, so you have to force-quit the browser. To do this, press the command-option-escape keys at the same time. This will bring up a Force Quit window. Choose your web browser in the resulting window and click the force quit button.
Relaunch Web Browser
Next is to relaunch your browser without going back to where it left off. To do this, hold down the shift key as you re-launch the web browser, either by clicking on it in your dock or double clicking on the browser icon in the Applications folder.
That should get rid of it.
If you called the number provided in the fake alert, they likely asked to take control of your computer, and then pointed out a bunch of (normal) things claiming that these are evidence of serious problems, and then they try to get you to pay $300 for assistance in resolving the “problem.” If they installed remote control software on to your computer, you may need to seek advanced support in uninstalling it (or Google instructions for uninstalling if you know the name of the software they used, usually it’s GoToMyPC or LogMeIn). If you paid them money, contact your bank and request that charges be reversed. We’ve had reports of people who found that their bank was familiar with the scam and was very cooperative in having the charges reversed.