Articles & Columns » Mac Q & A - Mac and OS X Questions and Answers

As part of my OS X consulting business, I occasionally answer Mac and OS X-related questions here for Mac users in Montana. My two latest are below and my archives are here. You subscribe to my RSS feed with your feed reader or by by email.

If you email me with your own question, tell me the details on what version of OS X you use and what happens - or doesn't happen - with OS X or with the Apple program you use. If I answer your question here, I'll let you know email and use only your initials to identify you here. Read my Privacy and Terms of Use


As always, if you run into strange problems with your Mac, always restart (or shut down and start up) your Mac before you email me. OS X runs through diagnostic routines on each boot, so many invisible "things" get repaired before they cause problems, and a restart also clears out memory and loads a fresh copy of OS X and any programs you run.

Mac Q & A: Another Scam from macsystemalerts.com

November 3rd, 2014

My Mac Q & A Question: Now I’m getting a screen in Safari from macsystemalerts.com that says “YOUR BROWSER HAS BEEN LOCKED.” It gives a number to call 1-800-680-4131. That’s not an Apple phone number. I can close Safari, but this must be a scam. M.P., Missoula

macsystemalerts.com is yet another scam having to do with fake Javascript pop-ups saying all manner of things, like the FBI is after you, the police are going to arrest you, and on and on. They are all fake. (You can also read my earlier post Mac Q & A: Is applesecurityalerts.com a Scam?) Nothing is wrong with Safari and nothing is going to get you arrested. macsystemalerts.com is a bogus domain not owned by Apple. Keep reading to learn how to get out of the pop-up.

And mac-system-alerts.com is the same deal; it’s a scam, too, as are apple.com-securitywarning.com, safarisecurityalert.com, macsecurityissue.com, macbrowseralerts.com, mac-online-alert.com, mac-issues-online.com, online-apple-alerts.com, helpmetek.com, applesecurityalert.com, websternal.net, newsalert.report-o.com, geek-techies.com, system-connect.com, instants-pc-fix.com, etc.

The scammers want you to call that phone number, and when you do, they will want to sell you worthless software that they want to install from afar to “fix” the problem. They will tell you the problem is a virus or malware, and they can fix it for a price. The problem is that there is no problem, and the scammers want to scare you into calling them. The software they sell you will either be worthless, or worse, it will be malware itself.

The macsystemalerts.com scam window is not a virus and is only Javascript running in Safari. The popup is usually easy to get out of. Just close the Safari window, and when you get the popup, click “Leave the Page” and you should be able to close Safari.

image

The macsystemalerts.com popup – it’s all fake

But other variants of this scam lock the Safari window open. If you can’t simply close the window, you need to disable Javascript, or worst case, force quit Safari. Do this first: from the Safari menu bar, select Safari > Preferences… > Security and uncheck the box marked Enable JavaScript. This will disable Javascript so you can close Safari. (But leave the Preferences dialog box open.) Now close the window or tab. Then you can re-enable JavaScript and close Preferences.

If that doesn’t work, you need to force quit Safari, because the Javascript pop-up has a more firm hold on Safari. So do this: go to the Apple menu and select “Force quit…” Select Safari from the menu and quit it. And then it’s best if you remove all website data. Do that by going to Safari > Preferences… > Privacy > Remove All Website Data to get rid of any cookies or other data left by the server. And then open your Downloads folder and delete anything you don’t recognize. (Once you have cleared cookies, you will need to log back into sites that had persistent logins, but you do need to clear cookies and the cache to be sure the macsystemalerts Javascript is gone).

Worst case, if the two methods above don’t get you out of the Safari popup, disconnect from the internet and restart Safari and/or your Mac. That will stop Safari from loading the Javascript from the malicious site, and then you can close Safari and clear your website data.

You can also start up your Mac in Safe Mode, which disables everything but the most basic functions and will allow you start Safari without the malicious javascript taking hold. Hold down the Shift key right after you hear the start up sound. Read OS X: What is Safe Boot, Safe Mode? – Apple Support for more information.

If you Google Search 1-800-680-4131 that phone number, you will find scam reports, like this one Scam report for 800-680-4131.

If you did call that number and talk to someone and give them a credit card number for software for your Mac, you need to call your bank and stop the charge. What they sold you is more than likely junk, and your card may be used for other unauthorized charges, too. You should file a complaint with the FCC.

And very importantly, if you allowed anyone to remotely install software, delete whatever was installed and also scan your Mac for malware. The best thing to do is run Software Update on your Mac to get the latest updates and malware fixes from Apple. And although this Javascript popup from macsystemalerts.com is not a virus, you may want to consider using antivirus, too. See ClamXav in the Mac App Store.

There are many of these scams coming and going over the last year, and this domain – macsystemalerts.com – is not owned by Apple; it’s owned by someone named Surya Kumar, in New Delhi, India. Other bogus domains are mac-system-alerts.com, mac-system-issue.com, hostingprivilege.com, macsecurityissue.com and macsystemsalert.com. Another is called Safaro-Alert.

Apple has been playing whack-a-mole with these domains and scammers, trying to shut them down, but they keep popping back up. macsystemalerts.com has actually survived since the domain was first registered on October 29th. I’m sure Apple is trying to shut down the domain, as they have other scam domains, but they haven’t had any luck with this one. The domain is registered with GoDaddy, well known as the registrar of choice for junk domains and scammers. See Whois macsystemalerts.com for the whois registration information.

Hope that helped, Mark

Are you a Montana Mac user? Send me your question for Mac Q & A: Contact Me

Mac Q & A: What is this Bash Shellshock Bug that is in the News?

September 27th, 2014

My Mac Q & A Question: What is this Bash Shellshock bug that is in the news? They say that Apple computers and iPhones have the problem. Is it serious? K.C., Missoula

Update 9/30/2014: Patches are out for OS X, so run Software Update on your Apple Devices

The “Shellshock” bug is serious, because it is a bug that allows a big security hole in all versions of the Bash software going back 25 years. Bash can be included as part of the Unix operating system that runs most of the servers and backbone equipment of the Internet. (And Apple computers; read more below). Many big companies and Internet services have been working fast to patch their systems since the bug was first revealed a few days ago.

Hackers started scanning the web within hours of the announcement of the bug, and the developers of hacking software added “modules” to their own systems to allow people – good guys and bad guys – to scan for the Bash bug and see who and what systems are vulnerable. For the technical lowdown, see the Federal Governments security website GNU Bourne-Again Shell (Bash) ‘Shellshock’ Vulnerability | US-CERT

But, as an OS X and/or iPhone user, you’re not really that much in danger.

Yes, OS X ships with Bash, but you need to be more of a Mac poweruser to even have Bash accessible to the outside world and the Internet as a whole. The Unix that runs OS X is under the hood and not accessible to you unless you go looking for it.

Apple has said they are working on a fix, but according to Apple in this news piece at TechCrunch.

“An Apple spokesperson provided the following to TechCrunch regarding the vulnerability, which affects bash, a Unix shell that’s part of Apple’s desktop OS”:

The vast majority of OS X users are not at risk to recently reported bash vulnerabilities. Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.

So, in other words, if you’re not a poweruser, there’s no need to worry. That said, on your iMac and MacBook, you should have Software Update turned on and configured to automatically download and install updates as they become available from Apple. See OS X: Updating OS X and Mac App Store apps.

In OS X Lion and earlier, choose Apple  menu > System Preferences… > Software Update.

In OS X Mountain Lion and later, choose Apple  menu > System Preferences… > App Store. In Mountain Lion and later, software updates come through the Mac App Store, and you will see a small popup on the desktop with buttons for “Details” and “Update.”

For your iPhone, iPad, or iPod, go to Settings > General > Software Update. See Update your iPhone, iPad, or iPod touch iOS software.

Be sure under the Preferences you have Software Update to check for updates each day and automatically download them, too.

If you have Software Update running in OS X Mountain Lion and later, you may see a badge appear with the number of software updates available on the App Store icon in the Dock.

If you’re good with Terminal (the App that you use to run Bash and work with the Linux that is under the hood of OS X) and want to check the version of Bash on OS X, check out The ‘Shellshock’ Bash vulnerability. That site gives instructions and a test function to run in Bash that will tell you if you’re vulnerable. But again, unless you and know what they are and use SSH and Bash, there’s no real need to worry. My OS X systems are technically vulnerable, according to the test, and I use SSH and Bash, but I know enough to keep my systems safe until there is a patch.

Now, there is cause for concern about the many kinds of embedded systems out there and industrial controls that use Unix and Bash. Those dangers are still being assessed. And we can be sure that the Shellshocked bug will be in the news for some time to come.

Hope that helped, Mark

Are you a Montana Mac user? Send me your question for Mac Q & A: Contact Me

Read more Mac Q & A columns, or go to my Archives