Have I been scammed

allchange · Aug 3, 2023

I received a warning stating that me computer has been infected with a Trojan virus an to call apple to get the problem solved I phoned the apple number and went through a lot of information the end result was that i should renew my apple support as it had expired. then asked for money it all a bit worrying. Can anyone help me with this.
David

MacInWin · Aug 3, 2023

It is a scam. If you gave your credit card or bank information you need to call the card company or bank and let them know you have been scammed and to block the card/account.

There are no viruses in the wild for the Mac.

Sorry that happened to you.

Raz0rEdge · Aug 3, 2023

Yes, you were scammed.

Those pop-ups are just malware or scareware (more appropriately) since it's totally false but scare you into calling a fake number. You're talking to scammers most likely in India who will take your CC info and bleed it dry.

As Jake said, hopefully you didn't get them your financial info, if you did, take the advised action.

Slydude · Aug 3, 2023

Good advice, as usual, gentlemen.

For others reading this thread, here's an idea. When a popup like this appears, jot down the number and check it against known Apple support numbers. Here's a list to get you started.

Contact Apple for support and service - Apple Support

Find a phone number for your country or region, or start a SignTime session.

support.apple.com

Also, check the spelling and grammar in the popup window. If you see grammatical/spelling errors avoid it at all costs. I've been using various Apple products since the late 1980s and I don't think I've gotten any communication from them with those kinds of errors. I have gotten/seen bogus content with those kinds of errors.

Raz0rEdge · Aug 3, 2023

Good advice to check the number, but know that Apple, Microsoft, and these big corporations do not monitor each individual computer for issues. They don't prompt you to call them. They all have support numbers you can dial if you are having issues.

allchange · Aug 3, 2023

thanks for the reply I did not give any banking details. Also I could not get rid of the pop up it completely blocked my computer even turning it of had no effect.

allchange · Aug 3, 2023

I let her take control of my computer will that cause problems later.

Raz0rEdge · Aug 3, 2023

allchange said:
I let her take control of my computer will that cause problems later.

Potentially. Since we know this is a scammer, they could've done anything from grabbing files to installing things like keyloggers to monitor activity and so on.

The ONLY way to really take back control is backup your important data to an external drive, and do an erase and clean re-install of macOS.

MacInWin · Aug 3, 2023

allchange said:
I let her take control of my computer will that cause problems later.

Most likely. Change all of your passwords immediately. They probably ripped them all off. And then do as Ashwin suggested, back up and erase/reinstall to get rid of anything they installed. But do the password first, particularly the bank/credit card and any other financial ones.

allchange · Aug 3, 2023

Thats an awful lot of password's to change. Does any one know how to save my BT email to an external hard drive.I have an old Western Digital I can use.

MacInWin · Aug 3, 2023

It's your money and reputation. I'd do the passwords NOW and worry about BT email later. If you make a backup before the reinstall, the emails should be saved in it.

You basically gave a stranger the keys to your house with your wallet on the counter and a printed list of every account you have opened everywhere. That person is now racing to get all out of your accouts that they can before you take any action.

IWT · Aug 3, 2023

@allchange

This must be a terrible time for you, no question. I think all of us here in the Forums are striving to mitigate the damage that could happen to you.

Stay with us and we shall help.

1. Create a Backup (BU) of all your data (and settings if possible). You haven't said whether you have Time Machine which is part of the Apple system, or some other BU process. But a BU is essential.

2. Erasing the Mac's internal drive and reinstalling the Operating System (OS). To assist you in this, the process is the same as if you were selling the Mac. Read this Apple Link below, carefully and follow the instructions. Once you have finished, you will have a "Welcome" window the same as if you had just bought the Mac. Then follow the instructions about downloading your data and settings from your BU - Time Machine is the easiest.

What to do before you sell, give away, trade in or recycle your Mac

Reset your Mac to factory settings to prepare it for a new owner.

support.apple.com

That part is "relatively" easy. The tiresome part is the changing of all your Passwords (PW) that exist within Keychain. Some may be of little interest or danger to you; but all PWs which are linked to personal details, banks, subscriptions, and - of course - your Apple ID will need changing.

My heart bleeds for you because that part is the hardest of all.

If we can help you in any way along the line, post back and we'll do all we can.

Ian

Randy B. Singer · Aug 3, 2023

allchange said:
...Also I could not get rid of the pop up it completely blocked my computer even turning it of had no effect.

It's almost certain that you encountered a malicious Javascript ad (which gave the appearance of your Mac being frozen on the pop-up) pushed to an otherwise legitimate Web site. Browsers were updated to avoid malicious Javascript ads about 7 years ago. But apparently someone has found a way around that. The good news is that there is no malware on your Macintosh. This article will tell you how to deal with things if you encounter a malicious Javascript ad situation that appears to freeze your Mac in the future:

Scary Internet Scam Becoming Disturbingly Common
http://tidbits.com/article/15777

MacInWin · Aug 3, 2023

Randy B. Singer said:
The good news is that there is no malware on your Macintosh.

I'm not sure you can say that now, Randy. In post #7 it was said that the OP gave access to his machine to the scammer. Who knows what they may have installed at the time?

Randy B. Singer · Aug 3, 2023

Raz0rEdge said:
The ONLY way to really take back control is backup your important data to an external drive, and do an erase and clean re-install of macOS.

I agree that this is the only way to be 100% sure that there is no malware or spyware on your Macintosh.

However, I'm not as sure that it is necessary. A really good commercial anti-virus program can detect key loggers and other spyware that the bad guys might have installed on your Mac. This one is excellent, and free:

VirusBarrier Free Edition (free)
https://itunes.apple.com/us/app/VirusBarrier-Scanner/id1200445649

Once you get a clean bill of health from VirusBarrier, if you are still concerned that there might be spyware on your Mac, you can run:

LULU (free)
https://objective-see.com/products/lulu.html
Lulu us what is known as a reverse firewall. It detects it when anything on your Mac is making connections to the Internet. You can use Lulu to keep any software that is accessing the Internet that you don't recognize from doing so.

Of course, any information that was on your Mac that is sensitive (e.g. credit card numbers, bank account numbers, passwords, e-mail addresses, etc.) might have been stolen while you were sharing screentime with the bad guys. The bad guys may already may have all that, and you need to take steps to keep the bad guys from misusing that information.

Randy B. Singer · Aug 3, 2023

MacInWin said:
I'm not sure you can say that now, Randy. In post #7 it was said that the OP gave access to his machine to the scammer. Who knows what they may have installed at the time?

See post #15.

For what it's worth, I strongly suspect that the bad guys didn't install any spyware on the original poster's machine. What the bad guys wanted was anything valuable that they could easily use to either drain a bank account, or to easily scam others.

They can use e-mail account information to scam others. (There is the very common scam where the bad guys contact folks on the victim's contact list, pretend to be the victim, and tell the contacts that they have an emergency and need to be wired money). Any information with regard to bank accounts or the like would be a plus.

But surveilling the victim via spyware would take a lot of time and effort, for little potential gain. There is also the possibility that law enforcement can use spyware found on the victim's computer to track down the bad guys.

That's just my take. I've never heard of an instance where scammers of the type that we are talking about installed spyware. I'm not saying that it's not possible for them to do so. But if that was part of their MO, I'd expect to have heard of an instance of it happening.

MacInWin · Aug 3, 2023

Randy B. Singer said:
See post #15.

For what it's worth, I strongly suspect that the bad guys didn't install any spyware on the original poster's machine. What the bad guys wanted was anything valuable that they could easily use to either drain a bank account, or to easily scam others.

They can use e-mail account information to scam others. (There is the very common scam where the bad guys contact folks on the victim's contact list and tell them that they have an emergency and need to be wired mone). Any information with regard to bank accounts or the like would be a plus.

But surveilling the victim via spyware would take a lot of time and effort, for little potential gain. There is also the possibility that law enforcement can use spyware found on the victim's computer to track down the bad guys.

Thanks just my take. I've never heard of an instance where scammers of the type that we are talking about installed spyware. I'm not saying that it's not possible for them to do so. But if that was part of their MO, I'd expect to have heard of an instance of it happening.

Yeah, I posted about 2 minutes before you did, so we crossed on that one. And I agree, they probably stole everything they wanted/needed while they had control. What is most important is to get the passwords changed ASAP, before they take over his entire life. They may have left spyware behind to report on any changes, but a good run of VirusBarrier Scanner should give some indication of that.

pm-r · Aug 3, 2023

Randy B. Singer said:
LULU (free)
Objective-See: LuLu
Lulu us what is known as a reverse firewall. It detects it when anything on your Mac is making connections to the Internet.

Is LULU similar in function to Little Snitch or as good or better in its functions, but I must say it's certainly much cheaper:

Little Snitch

Protects your privacy and prevents your private data from being sent out to the Internet without your knowledge.

www.obdev.at

Little Snitch always seems to have been the top recommended product but maybe that's old news these days.

- Patrick
=======

Randy B. Singer · Aug 3, 2023

pm-r said:
Is LULU similar in function to Little Snitch or as good or better in its functions, but I must say it's certainly much cheaper:

Little Snitch made it's name as a reverse firewall. Lulu is a reverse firewall too.

Little Snitch has evolved to also include regular firewall features, as well as a bunch of other related features. I really don't think that any ordinary user needs a reverse firewall, or even a third party regular firewall. Most folks use a gateway or modem that includes a hardware firewall, and that's all that you need. Plus a hardware firewall creates no processing overhead.

What I've found is that Little Snitch, as a reverse firewall, gives self-serving reports and that it mainly just serves to make users unnecessarily paranoid. The Macintosh is innately "chatty", and those chats are legitimate functions. (Yes, I know that inevitably there will be that one person who chimes in that they use Little Snitch and that it has "saved them" from all sorts of stuff. I'm not convinced. We will just have to agree to disagree.)

I suggested that the original poster use Lulu because all that they need in this instance are Lulu's reverse firewall features. Little Snitch would provide more information, but I'm not sure that extra information is needed. In fact, I'm not convinced that the original poster even needs to run Lulu, but since it's free, if they are concerned about spyware, it's there for them to use.

My general view is that most users tend to be frugal, and that most appreciate being given the option of using free software, assuming that it is of high enough quality:

Free Macintosh Software
http://www.macattorney.com/free.html

allchange · Aug 4, 2023

I have Carbon Copy Cloner installed backs up once a week. I also do have Time machine set up for a daily scan

Have I been scammed

allchange

MacInWin

Raz0rEdge

Well-known member

Slydude

Well-known member

Contact Apple for support and service - Apple Support

Raz0rEdge

Well-known member

allchange

allchange

Raz0rEdge

Well-known member

MacInWin

allchange

MacInWin

IWT

What to do before you sell, give away, trade in or recycle your Mac

Randy B. Singer

MacInWin

Randy B. Singer

Randy B. Singer

MacInWin

pm-r

Little Snitch

Randy B. Singer

allchange

Shop Amazon