This type of malware is growing, requiring that we all be skeptical online. Don’t call any numbers and don’t click through the offers. This caution applies to email, too.

Share story

Practical Mac

Twice in the past week I’ve had people seek advice for what’s becoming more common: phishing attempts on the Web.

In both cases, a pop-up window appeared in Safari that couldn’t be easily dismissed, claiming that the computer was infected by a virus. Calling a phone number promised relief. One person did call, and was told that purchasing a $300 technical assistance program would keep further attacks at bay.

It’s all a scam. (Searching on Google for the number, 1-866-777-6226, brings up many reports of the scam being perpetuated under several guises.) Fortunately, neither person shared a credit card number with the bogus service.

However, the pop-up message didn’t go away, effectively locking up Safari. The message was likely triggered by a JavaScript script delivered by an ad on the Web page. Restarting the Mac didn’t work, either. That’s because Safari (and other apps) can automatically load the last windows and tabs from the previous session — a handy feature, especially for people who keep lots of tabs open to refer to later.

Getting rid of the message requires a few steps:

1. Force-quit Safari by choosing Force Quit from the Apple menu, or by pressing Command-Option-Esc, selecting Safari and clicking the Force Quit button.

2. Hold the Shift key and then click Safari’s icon in the Dock. That opens Safari and prevents windows that were loaded before from reappearing.

3. Go to the Safari menu and choose Clear History and website Data and choose either Today and Yesterday or All History. That clears the cache of code that Safari stores locally.

Apple also offers more information for getting rid of adware and ad-injection software that’s a good resource on its support page titled “Stop pop-up ads and adware in Safari.”

And for good measure, I say it’s time to remove Adobe’s Flash from your Macs. Apple no longer preinstalls it, and the platform has proved to be a security nightmare. In July, a serious zero-day vulnerability made it possible for an ad that uses Flash to execute malicious code (even on Macs).

Adobe offers a Flash Uninstall tool to make it easy. I did so months ago and don’t miss it a bit. If I do occasionally run into something that requires Flash, I open the site in Google Chrome, which includes Flash built-in. Or, consider installing Marc Hoyois’s ClickToFlash plugin for Safari.

This type of malware is growing, requiring that we all be skeptical online. Don’t call any numbers, don’t click through the offers, and so forth. This caution applies to email, too. If you see a notice from Apple that asks you to reset your account, unless it’s something you specifically initiated, never click the link in the email. Log in to your account separately in a browser and check for alerts or messages.

It sucks, and we have to live with it.

But it’s not necessarily a losing battle. Safari in the next version of OS X, El Capitan, will include content blocker extensions that developers can use to hopefully filter out the bad elements on the Web. El Capitan is expected in the fall.

For now, install the Ghostery extension for Safari and other Web browsers, which identifies and can block scripts and trackers that load with Web pages (and also speed up page load times in the process).

And be vigilant when you browse the Internet. Use a password utility such as 1Password to manage your logins, and never re-use the same password twice, even if it seems innocuous. If something seems suspicious, it probably is.