Recently, the mother of one of my associates here at Canby Financial Advisors fell victim to an age-old online scam dressed in a new disguise: The AppleCare Support scam. Similar scams have been targeting PC users for years, making them the source of great amusement and smugness among iMac and MacBook owners, who were under the false assumption that Apple devices were immune from these schemes.
How it works
Here’s the story, as recounted by “Jane.” (Not her real name.)
As Jane was using her MacBook to visit her favorite gardening web site, a popup window appeared on her browser screen with the AppleCare logo and a message that said:
Important message from AppleCare Support: Our network has identified a critical issue with your device’s operating system. Call xxx-xxx-xxxx immediately to speak to an AppleCare technical support representative.
Jane called the number, which was answered by a man with a very polite and professional sounding voice. He gave his full name and claimed to be a “certified AppleCare technical support specialist.” After Jane explained what had happened, he offered to diagnose and fix her MacBook via a remote connection once she had logged on to her AppleCare account.
Jane didn’t have an AppleCare account, so the technician offered to help her set one up. He provided her with a URL that brought her to a professionally designed web site that looked just like Apple’s “official” product support web site.
The technician instructed her to click on the “Purchase Plan” button, which brought up to a screen offering a lifetime support plan for $300. He guided her through the process of filling out a form with her name, address, phone number, email address and date of birth (“for validation purposes”) and entering her credit card number to purchase the plan.
After she submitted this information, the technician thanked her and asked her to wait several minutes to diagnose and repair her operating system. Two minutes later, the popup window disappeared. The technician said that the problem was fixed and politely wished her a pleasant day.
Then the real trouble begins
Jane first suspected that something was wrong when she never received an email confirmation of her AppleCare support plan purchase. When she called the “AppleCare support” number again she got a “not in service” message. When she tried to return to the “AppleCare” web site she got a “page not found” notification.
Twenty minutes later, she began receiving text alerts from her credit card company asking her if she had authorized a number of charges made overseas—including a $300 payment to something called “VENTUR OFFRA LTD.” After calling her credit card company she discovered that the scammers had charged more than $5,000 to her card in less than ten minutes.
Jane immediately placed a credit freeze on her card to stop further fraudulent charges. Unfortunately, her credit card company has so far refused to refund the $300 transaction that started the whole thing, since she personally had authorized the payment.
Since Jane isn’t sure what other information the scammers may have stolen from her MacBook, she has since frozen all of her credit cards and directed the three largest credit reporting agencies to deny future credit checks to prevent the scammers from opening new cards in her name.
The lesson here?
(Note: I am not a technical expert. The following information comes from cyber security experts who write about these and other kinds of online scams .)
Whether you’re using a PC, Mac, iPhone or Android device, these kinds of “online support” scams come in many forms. Sometimes they’re popup windows on browsers. Sometimes they’re “official-looking” email or text messages warning you of serious technical issues. Nearly all ask you to either call a number or go to a bogus web site.
The first thing to do when you see such a message is to not panic. Delete text messages, report email messages as spam or phishing attempts and shut down your browser to get rid of the popup window. Then turn off your device, turn it on again and run a complete virus and malware scan. For added security, back up all of your important files.
If the popup window doesn’t go away when you close the browser or your device freezes or acts strangely, turn it off immediately. Chances are that your device has been invaded by a virus or malware. Turning it back on might reactivate the bug, allowing it to destroy your files and transmit your personal information to online thieves.
For peace of mind, bring your device to an authorized and reputable local Information Technology services company and let them run a comprehensive diagnosis. While you’re there, ask them for advice on how to prevent similar attacks from getting through your device’s Internet security defenses, including recommendations of antivirus programs.
While you have little control over the scams that invade your online space, you do have control over how you respond to them. In these situations, a strong security wall and a bit of common sense can keep you from becoming a scammer’s latest victim.
This article was authored by Chris Gullotti and Jeffrey Briskin. Chris is a financial advisor and Partner located at Canby Financial Advisors, 161 Worcester Road, Framingham, MA 01701. He offers securities and advisory services as an Investment Adviser Representative of Commonwealth Financial Network®, Member FINRA/SIPC, a Registered Investment Adviser. Financial planning services offered through Canby Financial Advisors are separate and unrelated to Commonwealth. He can be reached at 508.598.1082 or firstname.lastname@example.org. Jeffrey Briskin is Director of Marketing at Canby Financial Advisors.