Have you recently come across a scary pop-up warning when browsing online, which was warning about your Mac being infected with spyware and it seemed impossible to click anywhere on your Mozilla, Chrome or Safari? Did you have to restart the computer to make the system run properly again? Or have you even called the provided Apple support number just to hear your ‘helper’ talking with a thick Indian accent trying to get remote access to your computer? If it sounds familiar, you have fallen into the trap of ‘MAC OS is infected with Spyware’ scam, which has been very active since the beginning of 2019.
Mac Os Is Infected With Spyware Scam quicklinks
- Is ‘MAC OS is infected with Spyware’ a scam
- Why are you seeing ‘MAC OS is infected with Spyware’ scam
- How to remove ‘MAC OS is infected with Spyware’ pop-up
- Automatic Malware removal tools
Fortunately (or unfortunately, depending on how you responded to this scam), this website was only lying to you and there is no spyware installed on your computer (yet!), nor you need to call the special number in order to fix any errors. Tech support scams, which there are plenty, for both Windows and Mac, e.g. Your Mac Might Be Infected!, Your Mac Is Infected With 3 Viruses!, Error # FXX000, are based on scareware features aiming to frighten targeted victims so much that they would start acting irrationally, based on fearful emotions rather than logic and eventually let the scammers enter their computer or share credit card data, bank account info or make direct money transfer and etc.
Although ‘MAC OS is infected with Spyware’ scam is a very typical looking fraud, which can easily be recognized for being fake, there is no shame if you have fallen for it because these scammers are professionals in social engineering, cold calling, and trickery. In this post, we’ll try to show why ‘MAC OS is infected with Spyware’ is classified as a Tech support deception, how did you end up seeing it and what to do the next time you come across any virtual deceit.
Is ‘MAC OS is infected with Spyware’ a scam
Bottom line up front, yes, ‘MAC OS is infected with Spyware’ is a tech support scam and you should avoid it, moreover, refrain from calling. For someone who has never come across this type of virtual fraud, at first, the pop-up can look very believable, especially when back in the day the real technical support was provided remotely pretty often. However, the true services would never lock your browser, lie about your system having a virus, in the same page giving their number for you to call. But that is not the only questionable feature of this scam.
Our researchers found out that this exact Official Apple Support scam has been active at least for around a year. The reason why it did not get caught yet, was because it kept changing domains and provided numbers. So even if the URL and contact info would differ, the message would stay the same:
MAC OS is infected with Spyware and other malicious applications. Spyware must be removed and system damage repaired. It is necessary to Call Apple Support +1-888-514-0187 and follow Virus removal procedures immediately, please proceed.
** If you leave this site your Mac OS will remain damaged and vulnerable**
As the Virustotal.com report showed, some of those malicious sites would get recognized by a few antivirus programs, but the newest wouldn’t cause any negative attention. Honestly, there is nothing dangerous on the site itself, it is the scammer that will do all the bad deeds when called. That is why it is very important to be aware of what web pages you visit and what numbers you choose to call. The most recent scam numbers are:
Some user on Scammer.info noted that he figured that there are at least 13 scammers working for this campaign. They are based in India, speak with a typical accent and once called give their fake anglicized name. Once they receive the call from the victim they claim to be part of Apple Support and urge to download a special program that allows them to connect to your computer through remote desktop access. What typically happens next depends on a scammer. They can install an actual virus on your Mac, just to show that the system is infected and then install a free antivirus, but for a high fee, which supposedly cleans the system, they can lock your whole screen and steal your logins and other sensitive data kept on Mac, or blackmail you with files and pictures you don’t want to get published. There are just too many ways, ‘MAC OS is infected with Spyware’ scammers can benefit from accessing your PC, therefore it is imperative not to engage in any conversation with them and remove the scam immediately. (What to do if you were scammed?)
Why are you seeing ‘MAC OS is infected with Spyware’ scam
With no exception of ‘MAC OS is infected with Spyware’ fraud, tech support scams typically come from less economically developed areas and target more wealthy English speaking countries like the US, the UK, Australia and etc. Although not a long time ago it Was reported that even in India more than 80% of locals in 2016 and 68% of people in 2018 were experiencing some sort of tech support scams as well. Apart from India, these countries are targeted not only because of language, but also because scammers can expect a bigger payment/profit from the victims.
While other scams use cold calling to breached numbers in order to reach out to victims, ‘MAC OS is infected with Spyware’ and its other variants typically wait for the user to initiate the contact first, but in order to make the victim call them, they apply various confidence tricks and shocking messages claiming that the computer is in a very dangerous situation. Once the victim calls once, they record the number and can easily begin calling back.
Such socially engineered messages tend to include some popular service or brand related with computers, in this case – Mac OS itself, so the targeted person would gain a sense of familiarity and etc. They are placed on various shady domains, which can be found when browsing on dubious sites. Although the majority of ‘MAC OS is infected with Spyware’ links are already marked by one or a few antivirus programs as being phishing campaigns, there are just too many to stop them all. Meanwhile, scammers keep changing domains, so they would not get caught for as long as possible. (How to recognize tech support scam?)
How to remove ‘MAC OS is infected with Spyware’ pop-up
Getting rid of ‘MAC OS is infected with Spyware’ scam pop-up is fairly simple and requires minimal computer knowledge. Despite it locking the browser screen it does not affect any other applications or system, therefore can be easily closed just like any other program on Mac – pressing Command+Option(left alt)+ESC buttons together and then selecting Chrome, or whatever browser you are using, to Force Quit. After closing the window, you can reopen the search engine, just don’t forget to start a ‘new session’ and not restore the old one, because the pop-up fraud will simply come up again.
This should be sufficient to not be bothered by the scam, however, if you still feel unsure about the safety of your Mac, you can simply run a free system scan with Combo Cleaner, which will check if there are no other threats in the computer. What is more, you can Block that website which the ‘MAC OS is infected with Spyware’ scam came from, but, mind you, there are plenty of them.
Automatic Malware removal tools