Anyone run across the fake alert scam when clicking a specific "other content" image link on Weather Channel free page?
A dire audio message and Apple logos + 1 800 number... but don't be fooled.
Loads data to cache and blob files.
Some one should give Weather Channel a heads-up.
Latest versions of Safari and Monterey on 2014 mini.
Mac mini, macOS 10.15
same scam... but new web address:
dolphin-app-2-gidzn.ondigitalocean.app/merrx01/?phone=+1-844-914-1566&tblci=GiAmfOFDfFPKcRx2VySAO***
see this? just close the tab. but it's cached files will likely remain.
[Link Edited by Moderator]
Hi onetriadrr,
What you described sounds like a phishing attempt which is designed to gather personal information without your consent.
We suggest not clicking on any links or providing any type of information.
You can find out how to report these types of messages here:Recognize and avoid phishing messages, phony support calls, and other scams - Apple Support
Phishing refers to fraudulent attempts to get personal information from you, usually by email. But scammers use any means they can to trick you into sharing information or giving them money, including:
*Fraudulent emails and other messages that look like they're from legitimate companies, including Apple
*Misleading pop-ups and ads that say your device has a security problem
*Scam phone calls or voicemails that impersonate Apple Support
*Fake promotions that offer free products and prizes
*Unwanted Calendar invitations and subscriptions
If you're suspicious about an unexpected message, call, or request for personal information or money, it's safer to presume it's a scam and contact that company directly if you need to. If you're concerned about a security issue with your Apple device, you can get help from Apple.
In the future, you can use this guide to identify legitimate emails from Apple: Identify legitimate emails from the App Store or iTunes Store - Apple Support
Thanks for using the Apple Support Communities.
Cheers!
This particular version of the malware takes safari fullscreen with popups that reappear when dismissed.
Moving mouse cursor to top of screen to reveal menu bar, then choosing Quit works... simpler methods like selecting "close tab" from file menu or 'command-Q' might also work.
Don't know if this malware automatically reloads if Safari (or other browser) is relaunched.
I used a malware scanner to locate and delete the files.
It's 'live' scanner should have thrown a dialog before this thing even loaded... too new perhaps.
Anyway, the clickbait's address (as it appears in the resulting tab) gets redirected at least once.
According to browser history this is, a now defunct, suspect address:
“https://monkfish-app-gdlfs.ondigitalocean.app/merrx01/?
phone=+1-855-598-
0661&tbici=GiAmfOFDfFPKcRx2VySAO_IMMe11hfNgNIUQSQV68gdqWiCyilMo950cg_-
Lg9ds&utm_medium=referral&utm_source=taboola#” can’t find the server "monkfish-app-gdlfs.ondigitalocean.app".
DCS
Read Phony "tech support" / "ransomware" popups and web pages - Apple Community.
Some one should give Weather Channel a heads-up.
That someone can be you.
web page based "phishing" scam
