Computer tips and helpful suggestions, especially for people who are not entirely comfortable using their computers.
Dear MacMama,
I got a warning from Apple that said my Mac was compromised and the window that came up asked from my Mac username and password. There was a phone number, but I did not call it. I wasn’t sure if it was a real issue or if it was some kind of scam. I shut my computer down and haven’t turned it back on. Is it legitimate?
Lissa, Oakland
Dear Lissa,
This was not from Apple. It was what is called a phishing attack.
A phishing attack is a type of cyberattack where scammers use deceptive communication—usually emails or text messages—to trick people into revealing sensitive information like usernames, passwords, and credit card numbers. The attackers pretend to be a trusted company or individual, using urgency or fear to get you to click a link, download something harmful, or give up private information.
According to Macworld magazine, these kinds of scams used to mainly affect Windows users. But recently, they’ve been popping up more often on Macs. Sometimes they appear when you’re browsing the web and accidentally type in a misspelled URL (web address). On a malicious site, a scary-looking warning may pop up, often with a phone number to call.
But what they’re really after, in many cases, is your computer’s username and password. Macworld found that in one phishing attempt, the phone number listed was completely fake.
Of course, some scams like this do connect to a real person. In those cases, a scammer might answer the phone and claim they work for Apple, the FBI, or some other security organization. They say they can fix the “problem” for a fee. They may ask for your credit card, or ask you to buy an Amazon gift card and read them the number. In some cases, they’ll send you a link so they can log into your computer remotely.
Once they’re in, they’ll often go into your user library—a part of your computer that contains a lot of files written in code. Since the files look confusing, they’ll try to convince you they’re dangerous. But in most cases, these f iles are normal and not harmful at all.
Other times, scammers might give you a link to click, saying it will securely scan your Mac and get rid of the “security threat.” That, too, is part of the scam.
What to Do If You Clicked
If you accidentally clicked on a suspicious link or let someone access your computer, don’t panic—but act quickly. First, turn off your Internet connection right away by clicking the Wi-Fi symbol in the upper-right corner of your screen and selecting “Turn Wi-Fi Off.” Then, close your browser completely—whether you’re using Safari, Chrome, or another one.
After that, reconnect to the Internet, clear your browser’s history and cache, and most importantly, change your user password. That’s the password you use when logging into your Mac.
If you shared your credit card information with a scammer, call your bank immediately. Let them know you may have been the victim of fraud, and ask for a replacement card. It’s also a good idea to install antivirus software—Malwarebytes and Norton Antivirus are two good options—to help protect against future threats.
How to Spot a Fake Email
If you get an email warning of a “security issue,” don’t click on any links. Always check who actually sent it.
If you’re using Apple Mail, hover your mouse over the sender’s name. A little arrow should appear. Click on it to reveal the actual email address. You’ll usually find it has nothing to do with Apple at all.
The same goes for emails from places like your bank or Amazon. If you get a message saying, “Your payment is out of date— click here to update,” don’t click. Instead, go directly to the company’s official website, log in, and check if the issue is real.
Stay Safe Online
As more of our daily life moves online—banking, shopping, communication—we have to be extra careful. Even though services like Gmail are pretty good at filtering out scams, some still get through. And scammers are getting more clever all the time.
So, Lissa, you did the right thing by shutting down your computer. Turn it back on, follow the steps above, and next time you type in a web address, pause and double-check your spelling before hitting Enter.
Cookie Segelstein is the MacMama, an Apple Certified Service Professional that provides Apple computer consultation and trouble-shooting in your home and office. For more information, call 510-520-7760, email [email protected], or visit her website at www.themacmama.com