Usually, APPLE SECURITY BREACH pop up shows up in the browser when some potentially unwanted program (PUP) gets installed on the device. Typically, redirects to the tech support scam website are triggered by adware. This ad-supported application can modify Chrome’s, Firefox’s, or Safari. Explore the web knowing that strong security protections in Safari help keep you safe. Like iCloud Keychain, which securely stores and autofills your passwords across all your devices. If a password breach is detected, Password Monitoring alerts you. The official looking alert, which is presented in a native iOS alert housing, pops up randomly in Safari and attempts to convince the user that the device has crashed “due to a third party application in. Apple Security Warning pop-up is whats known as adware. Adware promotes lots of websites to trick you into buying software by displaying fake alerts. It is recommended to always read the Terms.
Update: read my newest post on these scams Mac Q & A: Another Scam from macsystemalerts.com
The site applesecurityalerts.com is definitely a scam that’s going around. That domain is not owned by Apple. The site and phone number are a scam.
Your Safari was hijacked after visiting a site that was compromised by the scammers, or you inadvertently clicked on a link to that fake site applesecurityalerts.com. What you saw is a fake security warning that is designed to look like an authentic warning (an authenticate warning is at the bottom of this page) from Safari when you’ve been disconnected from the Internet for some reason. (See image 1).
Image 1: Fake Safari Warning Message – don’t call the number
And you did right by checking to see if that was a real Apple number and not calling. It’s obviously not an Apple number; it’s a number used by a number of software scammers who want you to call so they can sell you garbage software or talk you into letting them remotely install software on your iMac. Not something you want to do.
Best thing to do is get rid of any remnants of that site in Safari. You need to clear your browser cookies to get rid of what ever is left from the scammer site. Go to Safari >> Preferences… >> Privacy >> Remove All Website Data. That means you’ll have to re-login to many sites that you may have saved logins for, but you need to clear your cookies and browser cache to get rid of the redirect and the hijacking.
Those popups at applesecurityalerts.com highjacked my own Safari – I got the dreaded “beach ball” that spun and spun – and I had to force quit Safari. (Go to Apple Menu >> Force Quit and then select the App and quit it). You may have had to do that already.
There are a bunch of support threads in the real Apple Support Forums like this one Safari-Alert? Scam? Apple Support Communities that outline more about the scam site and what to do and how to clear out Safari.
And unfortunately, those forums also tell stories of some people who were sucked in and called the number. Their Mac may now be compromised, or at very least, they lost some money.
Don’t go to the site again, but if you looked at the source code to applesecurityalerts.com (which I did), you’d see that it is a fake website, complete with Google Analytics tracking, so the perps can see how many hits they were getting.
If you Google search for applesecurityalerts.com, the top hit is that domain, with the title “Apple.” But it’s not Apple.
Image 2: Safari Scam Popup – don’t call the number
I got various popups at that “site”, one even saying something about the FBI getting involved and that all my data was going to be detained and procedures initiated against me if I didn’t pay a fine. (see image 2).
Right.
But unfortunately, some users will be sucked in by that. Or at least they call the number for help.
Using Whois.com on applesecurityalrt.com yields the domain registration, which points to someone named Aatif Sheikh, in New Delhi, India. The email for the domain is techiezoneline123@gmail.com and was used in one scam outlined at Techiez Online – Scam Report ID: #8246 Said they were Apple Tech Support but are not.
And that name and email is also used for the domain registration of another site called instantcomputerfix.com, which shows an address in the US, at 9550 S. Eastern Avenue, Suite 253, Las Vegas, NV 89123. instantcomputerfix.com appears to me to be a bogus site, complete with clipart and fake testimonials.
If you Google that phone number 1-866-782-9808 that the alerts want you to call, you’ll see listings for companies such as techiezonline.com, online-help-service.com and more who use the number.
So, in other words, you did right by not calling that number. Be sure and clear your cookies and cache. And be wary of any kind of popup like that. Apple products are so popular now that they are the target of scammers and hackers, and you need to be vigilant. Be sure you have “Software Update” set up to run automatically to keep OS X updated with security fixes and Apple’s own security updates.
Update 11/18/14 instantcomputerfix.com appears to be making outgoing calls from 702-847-1321 and attempting to convince Apple users that their Mac has been infected. Don’t fall for this.
Update 9/12/14 – the site applesecurityalerts.com has been disabled again. The domain registration information for the domain has changed; the email is now domains.chariot@outlook.com, the domain registrants’ name has been changed to “Domain Registration” and the address is now Goa and not New Delhi.
Update 9/10/14 – the site applesecurityalerts.com is now back.
Update 9/04/14 – the site applesecurityalerts.com has now been suspended by GoDaddy and no longer works. What you see when you go to applesecurityalerts.com is the real Safari warning for a site that Safari can’t find:
A Real Safari Warning when Safari can’t find a domain
But users may still see the the fake popups from Safari’s cache on your Mac and possibly from other sites.