Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Chrome (Mac) message:
MacWebSecurity10.online says:

Your Computer is infected with an adware or malware causing you to see this popup.

This may happen due to obsolete virus protections.

To fix, please call Apple Support at 1-844-809-6389 immediately. Please ensure you do not restart your computer to prevent data loss.

Possibility of Data & Identity theft, if not fixed immediately.

This message appeared when using Chrome on a black page with a large Apple icon saying Powered By Apple.com.
---------------

Here's the background. This morning I tried to log into my Amazon Chase Visa account online using Firefox. I have a variety of security addons installed and have had no issues in the past. Over the last week, when I complete the login, I get a message from Chase, "we'll be back soon" along with a list of phone numbers. I called chase, who verified their site was up and suggested I try a different browser.

Cranking up Chrome (Mac), I got the above message when trying to log into the Chase site. I also got a warning with Safari.

While I research is anyone familiar with this?
Thanks!
 

Partron22

macrumors 68030
Apr 13, 2011
2,655
808
Yes
http://844.cataphone.com/number/view/8448096389

Здравствуйте все, это МОЙ номер телефона! --> Hello all, this is my phone number!

That number is not Apple support, and likely speaks with a strong Moscow accent.

When they give you a phone number, it's often informative to do a search for that number online.
Same as when you get scam phone calls.
 
  • Like
Reactions: grahamperrin

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Sounds like adware, probably nothing to worry about.
Download and run
https://www.malwarebytes.com/mac-download/
and report back. This link will automatically initiate the download.

Downloaded, ran, it found a long list of stuff in my library, which it says it removed. Hopefully this has taken care of the issue. Thanks so much! I'll report back if these issues continue to pop up.

Now I just have to figure out why I can't get logged into my Amazon/Chase account using Firefox! :)
 
  • Like
Reactions: grahamperrin

chscag

macrumors 601
Feb 17, 2008
4,622
1,946
Fort Worth, Texas
Downloaded, ran, it found a long list of stuff in my library, which it says it removed. Hopefully this has taken care of the issue. Thanks so much! I'll report back if these issues continue to pop up.

Now I just have to figure out why I can't get logged into my Amazon/Chase account using Firefox! :)

Chase has just recently implemented new security measures and sent out a warning today regarding browsers that are not secure and will not be supported. As flaky as Firefox has been with all its changes and revisions, I would switch to another browser and try again. Always safe to use Safari. :)
 

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Chase has just recently implemented new security measures and sent out a warning today regarding browsers that are not secure and will not be supported. As flaky as Firefox has been with all its changes and revisions, I would switch to another browser and try again. Always safe to use Safari. :)

I've used both browsers for over a decade and Firefox has performed well. Interesting on the security updates at Chase. What bothered me is that I got a message, we'll be back later, here are phone numbers, not your browser does not meet our security requirements. I also had troubles logging into their site with Safari, finally got through using Chrome.
 

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Chase has just recently implemented new security measures and sent out a warning today regarding browsers that are not secure and will not be supported. As flaky as Firefox has been with all its changes and revisions, I would switch to another browser and try again. Always safe to use Safari. :)

I've used both browsers for over a decade and Firefox has performed well. Interesting on the security updates at Chase. What bothered me is that I got a message, we'll be back later, here are phone numbers, not your browser does not meet our security requirements. I also had troubles logging into their site with Safari, finally got through using Chrome.

For anyone having trouble with Chase.com, the comments on this site are interesting: http://www.isitdownrightnow.com/chase.com.html
 

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Btw, how are browsers infected with adware? Is it as simple as visiting a web site? I rarely use safari or Chrome so was shocked when both of them close this occasion to display adware, you're infected messages.
 

ardchoille50

macrumors 68020
Feb 6, 2014
2,142
1,230
Btw, how are browsers infected with adware? Is it as simple as visiting a web site? I rarely use safari or Chrome so was shocked when both of them close this occasion to display adware, you're infected messages.
Some advertisements use javascript to display a popup message, very similar to the one you posted in the OP - this is known as scareware. The first thing I do with such a message is close the browser and clear cache/history. The reason people don't see that message every time they visit is because ads are often in a rotation mode, so they're more likely to get a different advertisement with each visit and not all of them use javascript. The best advice is to never click links or call phone numbers in such messages, they do more harm than good.
 

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
Some advertisements use javascript to display a popup message, very similar to the one you posted in the OP - this is known as scareware. The first thing I do with such a message is close the browser and clear cache/history. The reason people don't see that message every time they visit is because ads are often in a rotation mode, so they're more likely to get a different message with each visit. The best advice is to never click links or call phone numbers in such messages, they do more harm than good.

Thanks. Of interest, I have pop ups blocked, and these appeared as web pages (asI recall). I will try dumping the cache history.
 

Mr_Brightside_@

macrumors 68040
Sep 23, 2005
3,760
2,108
Toronto
I'm not sure about other browsers, but a handy Safari trick is opening the app holding shift.
This starts a new session, not loading any previous windows, which often helps with these scareware ads.
 

26139

Suspended
Dec 27, 2003
4,315
377
Been using Chase.com with Safari for at last seven years, no problems here.

Thanks for sharing this though, I'm betting my parents run into this (they use Firefox).
 

ApfelKuchen

macrumors 601
Aug 28, 2012
4,335
3,012
Between the coasts
Btw, how are browsers infected with adware? Is it as simple as visiting a web site? I rarely use safari or Chrome so was shocked when both of them close this occasion to display adware, you're infected messages.

First off, there's a difference between a true adware infection, and getting a pop-up message that says, "Your computer is infected... call (toll free number)." Such messages are scams, not infections. Your browser or operating system did not detect anything. The web page you're visiting simply dished-out a bogus "warning."

True adware infection requires a download/install. Most commonly, thats via either an invitation to install/update a browser plug-in, or as a hidden component of a software download.

Pretty much, if you're suckered into downloading MacKeeper, some adware is going to hitch a ride. Some software download web sites routinely include adware with their downloads. At this point, with few exceptions, I won't download from anyone but the Mac App Store or the original author/producer of the software.

You can't trust a website popup that says to install/update items like Adobe Flash, Adobe Reader, Java, Microsoft Silverlight... All are perfectly legitimate items if you download from the original source, but you can't trust web site popups to either 1) tell you truthfully that you need an update or 2) actually deliver the software they're claiming to deliver. Go directly to the source. Do not click, Download Now.

Most legitimate plugins now offer a way to check if you have the latest version (either by going to the company web site, or via an item in Mac System Preferences - both Flash Player and Java are in System Preferences).
 
  • Like
Reactions: Huntn

Huntn

macrumors Core
Original poster
May 5, 2008
23,686
26,804
The Misty Mountains
You have their HTTPS site bookmarked? You're not following links from anywhere?
Yes, bookmarked, or copy paste URL www.chase.com/amazon.
[doublepost=1468068597][/doublepost]
First off, there's a difference between a true adware infection, and getting a pop-up message that says, "Your computer is infected... call (toll free number)." Such messages are scams, not infections. Your browser or operating system did not detect anything. The web page you're visiting simply dished-out a bogus "warning."

True adware infection requires a download/install. Most commonly, thats via either an invitation to install/update a browser plug-in, or as a hidden component of a software download.

Pretty much, if you're suckered into downloading MacKeeper, some adware is going to hitch a ride. Some software download web sites routinely include adware with their downloads. At this point, with few exceptions, I won't download from anyone but the Mac App Store or the original author/producer of the software.

You can't trust a website popup that says to install/update items like Adobe Flash, Adobe Reader, Java, Microsoft Silverlight... All are perfectly legitimate items if you download from the original source, but you can't trust web site popups to either 1) tell you truthfully that you need an update or 2) actually deliver the software they're claiming to deliver. Go directly to the source. Do not click, Download Now.

Most legitimate plugins now offer a way to check if you have the latest version (either by going to the company web site, or via an item in Mac System Preferences - both Flash Player and Java are in System Preferences).

Thanks for the info, but I have to question some of this. I was visiting www.chase.com when these messages appeared. I'd assume they are not from that web site, but from some other origination, like the one marked as powered by Apple.com did not originate from Chase.com, unless the site has been infected.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.