Security scam and pop ups etc

Joined
May 30, 2015
Messages
2
Reaction score
0
Points
1
Hey guys! I'm new here, my first post, so please forgive me if i'm doing this all wrong and point me in the right direction!

I'm having some trouble with my girlfriends macbook air.

The other night i was browsing the internet when it froze and an apple security warning popped up telling me to ring apple support, which I did.

He remotely took over the computer and done a diagnostics, told me i've got big problems, and told me that he couldn't help any further, but he can put me in the direction of who can.

Long story short, he was telling me it was going to cost over £200 to sort out.

I soon found out this was a scam so I hung up, disconnected him from the computer and turned it off!
I feel so stupid for falling for it, i'm usually pretty good with this sort of thing!



But anyway, whats done is done, and i need to get her computer sorted.

I'm not very clued up on computers, I just like to use them, not that they get used an awful lot and to their full potential!

It's now doing 'funny' things. Every other click on an internet page, it'll open a new tab with a pop up, usually a mac cleaner download or something.

I started typing all this out using the device in question, but the typing with becoming delayed, and then i got the spinning coloured wheel, which is still there now- so i've had to start all this again from my mac!


Is there anything I can do to sort this out, bearing mind i don't really know my way around the systems backgrounds!



Any help will be appreciated!


Cheers
 

bobtomay

,
Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
Well, if you had not let the scammer have access t the machine, I would say just install AdwareMedic and run that.

But, since you did install the software they needed and did give the scammer access to your machine, I would suggest you make a backup if you don't have one of that computer. Then, wipe the drive, do a clean install of the OS and after that only move individual data (such as pics, music, documents, etc.) that she wants manually back to the machine. Do not do a restore via Time Machine, or any other backup softare unless there is a backup from prior to giving them access.

And a note to everyone else that reads this thread...

DO NOT call any phone # that pops up on your computer screen while browsing the internet - NONE - it is a scam.
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
44,210
Reaction score
1,418
Points
113
Location
U.S.
Your Mac's Specs
2017 15" MBP, 16gig ram, 1TB SSD, OS 10.15
The other night i was browsing the internet when it froze and an apple security warning popped up telling me to ring apple support, which I did.

I soon found out this was a scam so I hung up, disconnected him from the computer and turned it off!
I feel so stupid for falling for it, i'm usually pretty good with this sort of thing!

Sorry to hear about this. But at the same time...great to hear that at some point you realized this was a scam…and terminated things. This sort of thing is getting more & more common…and is called "Ransomware".

But anyway, whats done is done, and i need to get her computer sorted.

It's now doing 'funny' things. Every other click on an internet page, it'll open a new tab with a pop up, usually a mac cleaner download or something.

Is there anything I can do to sort this out, bearing mind i don't really know my way around the systems backgrounds!

To be 100% brutally honest (and helpful).:) If this happened to me…I would feel totally violated. And the only solution that I would find acceptable would be to:

- completely erase and reformat the computers storage
- do a fresh/clean install of the OS
- do a fresh/clean install of all apps

There's no telling what these folks did when they had access to your computer (especially if it's doing "funny things"). And a complete "nuke & pave" would be the only satisfactory solution to me.

I would also strongly think about changing userid's & password's to any online accounts just in case.

HTH,:)

- Nick
 

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,596
Reaction score
1,072
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
I would also strongly think about changing userid's & password's to any online accounts just in case.

HTH,:)

- Nick

Good idea as usual Nick. I didn't think of that till I read your post.
 
OP
S
Joined
May 30, 2015
Messages
2
Reaction score
0
Points
1
Thanks for the replies.
While I was waiting for your help I was searching for other ideas, came across a post and someone advised Adwaremedic, so I gave that a go.

It found some stuff and told me to get rid of them, and I did without delay.

So far things seem to be back to normal, no pop ups getting in the way and no spinning coloured wheel.

I've told her to change all her passwords asap.

I'm unsure on backing up and reinstalling, we've got nowhere to back up to, and the air doesn't even have a cd drive?


cheers
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
44,210
Reaction score
1,418
Points
113
Location
U.S.
Your Mac's Specs
2017 15" MBP, 16gig ram, 1TB SSD, OS 10.15
Good idea as usual Nick. I didn't think of that till I read your post.

Thanks Slydude!:)

@Everyone:

I really have no idea what sort of info these scammers can get access to if a user accidentally fell for one of these scams. But as many of us know…our computers store a lot of personal info via cache's and cookies (stuff like userid's, some passwords, home address info, home phone info, websites we visit often, etc.).

How many websites have a "Remember Me" box that can be checked so that a users ID and Password are "remembered"…so that logging into a frequently visited website is "automatic". And some folks use the exact same password for many or all their online accounts (and don't ever change them).

So potentially for more sensitive online accounts (like credit card companies, online investment accounts, online bank accounts, etc.). All a scammer needs is what websites a person visits often (from web browser caches)…and the passwords they use often (info cached or cookied from internet forums or other sites).

Put these bits of info together…use some trial & error…and access to more sensitive online accounts could possibly be gained. Of course many of these more sensitive online accounts have other security measures. But better safe than sorry…and change those passwords in this sort of situation.:)

- Nick
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
44,210
Reaction score
1,418
Points
113
Location
U.S.
Your Mac's Specs
2017 15" MBP, 16gig ram, 1TB SSD, OS 10.15
While I was waiting for your help I was searching for other ideas, came across a post and someone advised Adwaremedic, so I gave that a go.

Yes…we recommend that app often.:)

I've told her to change all her passwords asap.

Great idea!:)

I'm unsure on backing up and reinstalling, we've got nowhere to back up to, and the air doesn't even have a cd drive?

Backing up at this point may not be the best idea (unless you only do a manual backup of important files). If an automatic backup is done…anything "bad" that these scammers did to the internal storage could be backed up as well. Then when a "restore" from the backup is done…you could simply "reinfect" things!

But as far as backup solutions for a MacBook Air. Firstly…even the vast majority of computers with a "CD drive"…don't use the CD drive anymore for doing backups.

Solutions you would most likely use are:

- USB thumb drives (mostly for manual backing up of important files)
- External USB hard drives…for doing manual or automated backups.
- Online (Cloud Storage) for backing up or storage of important files.

HTH,:)

- Nick
 
Joined
Apr 26, 2008
Messages
2,963
Reaction score
120
Points
63
Location
Belgium
Your Mac's Specs
iPad Pro 12.9 latest iOS
Thanks for the replies.
While I was waiting for your help I was searching for other ideas, came across a post and someone advised Adwaremedic, so I gave that a go.

It found some stuff and told me to get rid of them, and I did without delay.

So far things seem to be back to normal, no pop ups getting in the way and no spinning coloured wheel.

I've told her to change all her passwords asap.

I'm unsure on backing up and reinstalling, we've got nowhere to back up to, and the air doesn't even have a cd drive?


cheers

Mate,

I really suggest you follow the advice from Bobtomay and backup then re-install.
It is not because there are no popups that all is well.
You gave a total stranger full access to your machine and you have no idea what he did.
If he was not going to make changes ( ie. install something ) then why would he need access.

Buy a USB backup disk, make a backup ( or copy everything across ), re-install and be very selective in what you copy back to the MBA.

Cheers ... McBie
 
Joined
Aug 19, 2014
Messages
792
Reaction score
4
Points
18
also install ad blocker plus which is free and install ghostery as well this will stop this
 
Joined
Nov 28, 2007
Messages
25,564
Reaction score
486
Points
83
Location
Blue Mountains NSW Australia
Your Mac's Specs
Silver M1 iMac 512/16/8/8 macOS 11.6
And if I was your girlfriend.....I would be chasing you with a blunt pocket knife lol!
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top