Tech Support scams hit the Apple ecosystem

Support scams targeting the Windows operating system have been a significant issue for many years, with crooks parting many a user from their cash – after calling them up with tales of woe before proceeding to install malware on their system, or charge them for utterly useless ‘security solutions’.

Now, however, the problem has jumped the divide and landed on the Mac, as well as other Apple devices, says Malwarebytes.

Researchers at the antivirus company have spotted a new ruse which sees iOS and OS X users tricked into thinking there is something wrong with their system.

Abusing a genuine Apple remote assistance feature – the company’s customers can log onto https://ara.apple.com with a unique session key to obtain aid from a Certified Technician – the crooks use an Apple-alike pop-up window designed to scare the unaware into making an unfortunate decision:

Critical Security Warning!

Your Device (iPad, iPod, iPhone) is infected with a malicious adward attack.

Anyone calling the included phone number will not be connected to someone at Apple though – they will, instead, find themselves talking to a fraudster who will then encourage them to download some type of remote assistance software.

As Malwarebytes points out, this type of ruse is uncommon, so the bad guys add in a dash of apparent authenticity by pointing their soon-to-be-victims toward ara-apple.com, a domain which may just sound plausible enough to trick the unwary into interacting with the links contained on its homepage.

That it has taken this long for such a scam to begin appearing in the news is a surprise, given the rate at which Apple’s popularity continues to grow, but such fraudulent warnings are not as uncommon as you may think, notes Jerome Segura, who said:

There has been an explosion of tech support scams via malvertising and fraudulent affiliates. All systems are targeted, not just Windows PCs and in fact, fraudulent warnings for Mac are getting extremely common.

Segura says Malwarebytes has contacted both the registrar for ada-apple.com and its hosting provider in an attempt to get the site shut down.

Even so, it is just one of many such sites and tech support scams continue to remain popular (‘Microsoft’ rang me yesterday, funnily enough).

Therefore, it pays to remain on your guard, questioning every pop-up and phone call you receive. Remember, neither Microsoft nor Apple is likely to ring you directly and any website or pop-up that suggests you have an issue with your device is almost certainly looking to make a buck out of a misfortune you don’t even have (unless you respond).

Leave a Reply