Tech support scammers start targeting users of Apple devices

eBook: The DevOps Roadmap for Security - Tips and tools for bridging the security tribe into DevOps. Download →

With the rise of popularity and the widespread ubiquity of devices made by Apple, it was only a matter of time when tech support scammers would begin targeting that ever increasing segment of the population.

And they have begun. Malwarebytes researchers have recently discovered a Web-based campaign that starts by redirecting users – via malvertising and fraudulent affiliates – to a website that shows an error message both on the main page and in a pop-up window (click on the screenshot to enlarge it):


Users who fall for this trick and call the phone number provided will be instructed to visit , a website with a domain name that mimics that of Apple’s official screen sharing service (https://ara.apple.com), from where Apple users can make a secure connection between their computer and that of a licensed Apple support technician.

The fake website uses clean design and elements that many users associate with the company. Users will be instructed to download software that will allow the scammers to access the victims’ computer remotely.

Finally, the scammers will ask the victims to pay for the computer cleaning service, and in order to do that they will be asked to share their personal and payment card information (click on the screenshot to enlarge it):


The researchers have notified the registrar and the hosting provider about the fraudulent site. Still, you can bet on the fact that there are other, similar ones already out there.

The researchers are also warning users of possible cold-calls seemingly coming from Apple technicians. This is a technique that has been successfully tried on PC users, and will likely be tried on Apple users as well.