Fake Infection
Fake Infection: a reader asks…
Help! I opened an email and clicked on a link in it, and got a big warning on my screen saying that my computer (a Macbook Air) had been hacked. It gave me an 800 number to call, which I did. The tech support guy had me install GoToAssist so he could help me. He showed me some screen and said that a hacker was trying to take over my IP address (whatever that is), and then wanted me to pay him $300 to clean the infection off my Mac. What should I do? Oh, and I forwarded that email onto someone else.
Stop. Breathe. Rinse and repeat till you’re not in panic mode. Let me assure you, your computer is NOT infected, this is a scam. You should hang up on the so-called “tech support guy” immediately – that person is a scammer. The next thing you should do is Force-Quit the GoToAssist program. Then trash the GoToAssist app from your Applications folder (or desktop), and immediately empty your trash. For good measure, restart your Mac. Finally, go into your email and delete that message, and either email or call the person you forwarded the message to and warn them to not click on the link.
Fortunately for you, you have a Mac and there’s virtually no chance that your computer was infected. Had you been using a Microsoft Windows PC, you might have had a much longer road to recovery. What you experienced was a Phishing attempt, where a scammer tried to convince you he was a good guy, when he was really a bad guy. What’s happened is that the link you clicked on took you to a website that was crafted by the scammer to scare you into calling him. I can say with confidence that 99.9999% of the time, such warnings are bogus and you should never call the listed number.
And for goodness sake, please warn the person you sent that message to! Tell them to delete the message, don’t click on the link, and never call a phone number on any email or website warning message!
If you want to take some extra steps, here are my recommendations:
First, you should consider changing all your passwords – everywhere. I don’t know how long that scammer had access to your computer, and they might have been able to capture the passwords saved by your browser, as well as your login password. Especially as you might have given them that to give them access to your computer. You should make sure to change your email account password as well as any online account passwords – bank, credit card, online shopping, social media, etc. Don’t use the same password for these, use a unique password for each one and use a Password Manager (like my favorite, Lastpass) to keep track of them for you.
Second, you should look through your applications folder and trash any application that you don’t recognize (and use). It’s possible the scammer placed several items in there. For that matter, take a look through your various folders (documents, pictures, etc.) and if you see anything that you don’t recognize, trash it as well.
Third, you should consider using a few tools to verify your computer hasn’t been infected (infected not by the warning but by the scammer while he had access to your Mac). Here’s a short list of my favorites.
- https://www.malwarebytes.com/antimalware/mac/ (free)
- https://www.sophos.com/en-us/lp/sophos-home.aspx (free, there’s also a fee-based version)
- http://www.bitdefender.com/solutions/antivirus-for-mac.html ($40/year but worth it, this is the top-rated program)
The first item is a run-on-demand tool that scans your computer for malware. If it finds malware the tool can also remove it for you. Go ahead and install this one and leave it on your system for on-demand scanning. The second and third tools run full-time to protect your system, so you should choose one or the other. Free is nice, but I personally feel it’s worth a few bucks a year to make sure I have the best protection to protect my investment in a Mac. There are tons more products out there both free and for-fee from many brands in the computer protection world. But my feeling is that either Sophos or Bitdefender will give you the best protection without slowing down your Mac.
More and more Mac experts are starting to recommend protection programs for your Mac, even though the MacOS, by design, is immune to nearly all the threats that are currently out there. The sad fact is that as Macs have gotten more popular, hackers have turned their attention to it. No computing device is 100% immune from hackers, and they spend lots of time dreaming up new ways to fool hapless consumers into compromising their computer’s security and worse. And as you’ve experienced, hackers prey on your lack of knowledge about computer security, so having a full-time protection program is in your best interests.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via
(send to @PosiTek), 
(send to Support@PosiTek.net), 
using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182.
I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public.
Thank you!
Author: Chris Gardner
Your Tech Coach at PosiTek.net
There are currently 1277 reader comments on published articles, care to join in? Use the Leave a Comment form below/at the bottom of any existing comments. This is a good place to ask follow-on questions on this subject.
