Maybe you’ve experienced this little bit of fun. You’re checking out stuff on web pages, clicking on links or video clips or what have you… and this sort of page pops up:
Uh-oh! I’m just innocently browsing the web, and suddenly a page pops up telling me a virus has been detected? Yikes! I’d better read this page’s instructions and start…
Wait a second. Time to be suspicious.
First off: Who is giving me this warning? The text you see above says “We have detected a trojan virus…” Well, who the deuce is this “we”? It doesn’t say!
What’s more, this is another good example of why you should think in terms of applications, not in terms of “the computer”. Don’t just think “Oh, my computer is telling me this.” Ask what application is giving you this message. Why?
Because if you’re intentionally using some virus-checking application (or similar application for maintaining computer security), and that virus-checking application tells you “You have a virus”, well, that sounds like something you’ll definitely want to act on. But in this case, as noted above, I was using my web browser. (The one called Safari, in my case; you might use that too, or some other web browser.) A web browser is an application for looking at web pages, not for checking your computer for viruses. So why in the world is my web browser showing me this (alleged) report from a virus check? Something’s fishier here than week-old halibut.
Let’s look more closely at the web page that popped up, to check for clues of bogus-osity:
See how the time and date appear? Well, those are correct, but that means nothing – any web page (including a scam page) can report basic information like that. Also… ah, I see this page says “MacOS 10.14 Mojave”. That is indeed the operating system that my computer is using (well, almost; it should be “macOS”, not “MacOS”). Hmm, isn’t that a sign that some sort of real scan took place? No. In general, any web page, whether scammy or legitimate, is able to know what sort of computer and operating system you’re using when you visit that web page; there’s nothing odd about that.
Then there’s the stuff that’s just nonsense. Don’t knock yourself if this isn’t something you immediately caught, but for what it’s worth: a phrase like “System damage 28.1%” is just nonsense. (It sounds like a bad line from a movie, like a “status report” from the computer in Iron Man’s powered armor. It means nothing in actual computing.) The same with “3 minute [sic] and 38 second remaining before damage is permanent”. That means nothing; there are no “ticking bomb” countdown clocks associated with a real check for viruses. (Again, this sounds like a bad movie line.)
Little details like your operating system… dire warnings of “system damage” and a ticking “Follow these instructions now!” clock… even a page (see the earlier image again) made to look like Apple’s website… This is a scam. Your web browser has no business running some mysterious “virus scan” or “security check” on your computer. There’s no reason for your web browser to legitimately pop up some such report of an unasked-for security check, and even less reason for such a report to take on the appearance of a page from Apple’s web site (or from any other web site that the scammers might use as disguise).
It’s all fake, designed to lead you to click that big “Scan now” button, which is certain to lead you to more fakery, followed by an eventual invoice for saving your computer from viruses that it wasn’t even plagued by, or by some other nastiness – possibly even the installation of real viruses on your computer! (Yes, that’s a perfectly real scammy ploy: a “Remove viruses!” scam that actually infects your computer with viruses. What won’t they think of next?)
So. If you see some sort of “security check” report or “virus detected” warning or anything of that nature, pay attention to where it’s coming from. If you’re intentionally using some sort of security app to detect such problems, and that app gives you a report or warning, you’ll want to take note! But if you’re just going about your normal business on the web and your web browser pops up these dire warnings… You’ve just hit a pop-up advertisement and/or scam. Close it at once, and that’s that.
Do you see this sort of scammy page often? Have you ever fallen for one? Tell all in the comments if you like!