The type of online scam, which freezes up web browser‘s screen with a pop-up window and prompts people to call for IT technicians (the number is ALWAYS given), is well known for most of the Internet users. It is referred to as tech-support-scam and is known to be triggered by a malware infection. As the malware analysts of Malwarebytes claim, such fake messages „fall into the ‚browlock‘ category.“ The most important thing is NOT to call the given support number and, instead of that, immediately remove the malware. Otherwise, these messages may keep reoccurring.
However, late last year, Malwarebytes‘ malware analysts have detected a new type of scam targeting Apple‘s Mac OS running Safari web browsers. Scammers are now promoting a registered scam website, which once accessed enables malware and hijacks Mail App and Safari browser. Immediately after the infection, malware scans the system to find out its version and other specificities and then starts creating a series of email drafts. The number of email drafts is increasing until RAM memory gets low and the system freezes. Soon after that, an iTunes window opens with a warning message saying:
Warning!! Virus Detected !!
Transferring Your Personal Data and Pictures.
Call Apple Support (Toll-Free) +1-844-480-0876
This type of scam is referred as denial of service (DOS) attack. As we have already pointed out, Mac OS starts generating email drafts in rampant when a Mac owner visits a malware-infected website. However, the malware is executed on the system via the draft emails, which typically indicate email@example.com or firstname.lastname@example.org as a sender. However, these scammy emails are never actually sent to people, but rather automatically generated by an infected website, which is why the uncontrollable flow of email drafts on Mac OS fall outside the category of „spam.“
Jerome Segura, the founder of DOS attack targeting Mac OS running Safari lately, has pointed out that this issue may appear in older Mac OS versions without exception. Luckily, a denial of service attack on Mac may be prevented by updating the system to the MacOS Sierra 10.12.2. While the latest MacOS Sierra version will block a series of email drafts on Safari generated by malware, the iTunes window with a warning message and bogus tech-support-number may still emerge.
In general, the primary purpose of technical support scam to trick people into thinking that their PCs are seriously infected and need a professional maintenance. While proficient PC and Mac users are not very likely to fall for this phony, inexperienced users may be frightened by a locked screen and threats like data leakage. Unfortunately, but the telephone numbers provided on support scam messages are managed by hackers who may try to gain remote access to people‘s Macs and PCs, prompt them to install doubtful applications or subscribe useless services. In the end, the victim of tech support scam and DOS attacks who calls the supposed technicians ends up losing the money or installing malware on the system.
If you have already experienced a DOS attack while browsing the net with Safari browser, we would highly recommend you to initiate a scan with MacKeeper to remove malware. After that, consider upgrading OS to the MacOS Sierra 10.12.2 to prevent further attacks.