Mac users have enjoyed a decline in infection-warning pop-up scams lately, but that brief period of relief seems to be over now.
The high-pressure scams are back with a vengeance, with Sophos senior technologist Paul Ducklin covering several in his latest blog post. As well as offering to sell solutions to problems that don't exist, they're now riding the coattails of Apple's brand.
In the past, similar scams for Windows-based machines avoided using the name ‘Microsoft’ - not that it made any difference to the legality of what they were doing. The Mac scammers have gone a step further by claiming to represent Apple's Support Centre, to the extent of stealing Apple branding and web pages - and actually tidying them up in the process.
Sophos found the scams by visiting an infected site that displayed various scams, including three related to Apple.
The first was the above ‘Support Centre’ trick, which also included an auto-playing text-to-speech voiceover with some glaring errors (apparently the viruses send details to hackers ‘remottly’).
The next pop-up used the tried-and-true ‘YOUR SYSTEM IS INFECTED’ format. Clicking ‘Proceed’ redirected to a fake virus scanner and a warning to download a third-party Mac utility.
The third and final scam took the form of a pretty convincing Flash player update, although ironically Adobe skipped Patch Tuesday this month. The link wasn't working, though, so Sophos couldn't check just what damage this one would do.
Macs, famously, are less threatened by cybercriminals than Windows PCs; but attackers are still out there. Sophos' recommendations to Apple users are pretty standard: use threat protection, don't click unknown links and beware of shonky paid-for threat protection tools that pull you in with a free scan. It's all good advice - too many people put all of their trust in Mummy Apple.