Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • Pyxis
    • By Pyxis 18th Mar 17, 8:39 AM
    • 27,992Posts
    • 102,078Thanks
    Pyxis
    Was this a malicious pop-up?
    • #1
    • 18th Mar 17, 8:39 AM
    Was this a malicious pop-up? 18th Mar 17 at 8:39 AM
    Something weird happened yesterday evening, which I'm a bit worried about.

    I have an iPad Air 2 with the latest version, 10.2.1
    I don't have a desktop or laptop or iPhone.

    Because I've only ever had Apple computers, I have never, to my knowledge, been confronted with any malicious software.

    Yesterday evening, I was surfing through various clothing sites I'd not visited before.
    Suddenly there was a pop-up telling me that my iPad had been subjected to a malicious virus attack and that my battery had been severely damaged. I was in danger of losing all my contacts and stuff. I should download an app by clicking on something. On no account should I close the window. To do so would cause severe damage. (There was a 'close'button). It said 'exit this at your peril' .

    It was rather frightening, but I reckoned that I should just exit it sharpish, so I didn't click on anything .....didn't click the close button. I just swiped it away.
    It popped back a couple of times, and I swiped it away each time.

    Unfortunately, I didn't take a screen shot.

    Then it reappeared as a slightly different version of the same thing. So I got rid of it and shut down the iPad.

    (I have another older iPad, and that was ok, no pop-up.)


    This morning, I restarted the iPad and it seems to be ok. My data seems to all be there.

    Should I be worried that I've been hacked?
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
Page 1
    • AndyPix
    • By AndyPix 18th Mar 17, 9:54 AM
    • 2,508 Posts
    • 1,656 Thanks
    AndyPix
    • #2
    • 18th Mar 17, 9:54 AM
    • #2
    • 18th Mar 17, 9:54 AM
    Hi, no, this is just a specially crafted overlay that is loaded into your browser by a dodgy header on a page or by a shady advert on a page.
    Annoying and worrying as it can be it is totally benign


    If you ever get stuck on it, go to settings, safari and clear cache and that will shift it.


    Again, don't worry, you haven't been hacked
    Running with scissors since 1978
    • Pyxis
    • By Pyxis 18th Mar 17, 9:57 AM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    • #3
    • 18th Mar 17, 9:57 AM
    • #3
    • 18th Mar 17, 9:57 AM
    Hi, no, this is just a specially crafted overlay that is loaded into your browser by a dodgy header on a page or by a shady advert on a page.
    Annoying and worrying as it can be it is totally benign


    If you ever get stuck on it, go to settings, safari and clear cache and that will shift it.


    Again, don't worry, you haven't been hacked
    Originally posted by AndyPix
    Oh phew! Thank you!

    What was the point of it, though?
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • AndyPix
    • By AndyPix 18th Mar 17, 9:58 AM
    • 2,508 Posts
    • 1,656 Thanks
    AndyPix
    • #4
    • 18th Mar 17, 9:58 AM
    • #4
    • 18th Mar 17, 9:58 AM
    Try to get you to install the app that they have vested interest in.
    That's all


    Gobsh1tes !!
    Running with scissors since 1978
    • Pyxis
    • By Pyxis 18th Mar 17, 10:13 AM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    • #5
    • 18th Mar 17, 10:13 AM
    • #5
    • 18th Mar 17, 10:13 AM
    Try to get you to install the app that they have vested interest in.
    That's all


    Gobsh1tes !!
    Originally posted by AndyPix
    Thank you. You've been very helpful.
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • GDB2222
    • By GDB2222 18th Mar 17, 10:18 AM
    • 13,891 Posts
    • 74,397 Thanks
    GDB2222
    • #6
    • 18th Mar 17, 10:18 AM
    • #6
    • 18th Mar 17, 10:18 AM
    Which browser were you using? I had a similar problem with Chrome, and the simplest solution was just to uninstall it, then reinstall.
    No reliance should be placed on the above! Absolutely none, do you hear?
    • Pyxis
    • By Pyxis 18th Mar 17, 10:19 AM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    • #7
    • 18th Mar 17, 10:19 AM
    • #7
    • 18th Mar 17, 10:19 AM
    Which browser were you using? I had a similar problem with Chrome, and the simplest solution was just to uninstall it, then reinstall.
    Originally posted by GDB2222
    Safari.

    It did seem to go after I kept swiping it and turned off the iPad.
    At least, it hasn't been back. Yet!
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • grumpycrab
    • By grumpycrab 18th Mar 17, 10:36 AM
    • 3,121 Posts
    • 1,396 Thanks
    grumpycrab
    • #8
    • 18th Mar 17, 10:36 AM
    • #8
    • 18th Mar 17, 10:36 AM
    Described here FYI. And the solution (same as Andy's)
    https://discussions.apple.com/docs/DOC-8071

    The obvious question: is there any anti-virus/malware/adware/ransomware product that can spot this sort of thing? On Windows, Kaspersky, Bitdefender may be the answer. Don't know about Apple.
    EDIT: May be worth a shot on Apple :- https://itunes.apple.com/us/app/trend-micro-mobile-security/id630442428?mt=8
    Last edited by grumpycrab; 18-03-2017 at 10:46 AM.
    Hi, we’ve had to remove your signature because somebody complained that the information contained within it was too helpful.
    • Pyxis
    • By Pyxis 18th Mar 17, 10:41 AM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    • #9
    • 18th Mar 17, 10:41 AM
    • #9
    • 18th Mar 17, 10:41 AM
    Described here FYI. And the solution (same as Andy's)
    https://discussions.apple.com/docs/DOC-8071
    Originally posted by grumpycrab
    Thank you, Grumpycrab.
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • EdwardB
    • By EdwardB 18th Mar 17, 12:36 PM
    • 412 Posts
    • 329 Thanks
    EdwardB
    It is the same concept as all the scammers, tell you that something you fear has happened so click link and warn if you don't then things you care about will be harmed.

    Might be an HMRC email, one that appears to be from a bank (they try different banks till they hit on the one that you actually bank with.

    On the telephone they call you, tell you they are from "Microsoft Support" (oxymoronic) and that you have been hacked but they can fix it, they ask for remote access and then proceed to put viruses on your computer. They then lace your computer with trials for which they get a commission on.

    Of course as an Apple user you would ignore but if you happened to get one saying it was your iPad you might believe them.

    One thing spammers are doing is adding things to your Iphone/Ipad calendar as a new kind of spam.

    You can never know what the payload is of a spam message, a link may take you anywhere, the fact that there have not been many cases of malware on Apple does not mean there will not be. It is a numbers game, right now there are so many more PC's and much better conversion on Windows platform.

    Mobile is where they are focused right now.
    Please be nice to all MoneySavers. That’s the forum motto. Remember, the prime aim is to help provide info and resources. If you don’t like someone, their situation, their question or feel they’re intruding on ‘your board’ then please bite the bullet and think of the bigger issue.
    • Pyxis
    • By Pyxis 18th Mar 17, 1:55 PM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    It is the same concept as all the scammers, tell you that something you fear has happened so click link and warn if you don't then things you care about will be harmed.

    Might be an HMRC email, one that appears to be from a bank (they try different banks till they hit on the one that you actually bank with.

    On the telephone they call you, tell you they are from "Microsoft Support" (oxymoronic) and that you have been hacked but they can fix it, they ask for remote access and then proceed to put viruses on your computer. They then lace your computer with trials for which they get a commission on.

    Of course as an Apple user you would ignore but if you happened to get one saying it was your iPad you might believe them.

    One thing spammers are doing is adding things to your Iphone/Ipad calendar as a new kind of spam.

    You can never know what the payload is of a spam message, a link may take you anywhere, the fact that there have not been many cases of malware on Apple does not mean there will not be. It is a numbers game, right now there are so many more PC's and much better conversion on Windows platform.

    Mobile is where they are focused right now.
    Originally posted by EdwardB
    Thank you.

    It looks like it's best to delete everything and then check with Apple if in any doubt.

    Would taking a screen shot compromise me?
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • interstellaflyer
    • By interstellaflyer 18th Mar 17, 3:10 PM
    • 1,623 Posts
    • 948 Thanks
    interstellaflyer
    Generally all you need to do is press the home button then go into settings and delete browser history.
    I hate football and do wish people wouldn't keep talking about it like it's the most important thing in the world
    • Pyxis
    • By Pyxis 18th Mar 17, 3:14 PM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    Generally all you need to do is press the home button then go into settings and delete browser history.
    Originally posted by interstellaflyer
    Thanks.

    It was frightening because I'd never seen anything like it before.

    At least I'll know for another time!

    Thank you, everyone!
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • AnotherJoe
    • By AnotherJoe 18th Mar 17, 6:58 PM
    • 7,051 Posts
    • 7,518 Thanks
    AnotherJoe
    Thank you.

    It looks like it's best to delete everything and then check with Apple if in any doubt.

    Would taking a screen shot compromise me?
    Originally posted by Pyxis
    No. That is just copying the pixels on the screen.

    Odds are high the application they wanted you to download was for a PC anyway, since to download it on an iPad it would need to be in the App Store which would be very unlikely.
    • Pyxis
    • By Pyxis 18th Mar 17, 7:25 PM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    No. That is just copying the pixels on the screen.

    Odds are high the application they wanted you to download was for a PC anyway, since to download it on an iPad it would need to be in the App Store which would be very unlikely.
    Originally posted by AnotherJoe
    Right.
    I can't remember the exact wording, now, but they did refer to my 'iPad' more than once. A bit later on they called it an iPhone!

    The English it was written in was pretty good, but there were one or two places where it didn't sound quite fluent, which made me a bit suspicious that it wasn't from Apple.
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • AndyPix
    • By AndyPix 19th Mar 17, 8:10 PM
    • 2,508 Posts
    • 1,656 Thanks
    AndyPix
    Its easy for a php/javascript to detect what browser you are using and customise its wording accordingly.


    It DEFINATELY wasn't from apple lol ..


    If you had followed it through, no doubt you would have landed on the app store page for a dubious security or a/v program, which is either owned by the scumbags who wrote the popup, or they are getting paid per install they generate.


    I promise you haven't been hacked
    Running with scissors since 1978
    • zagubov
    • By zagubov 19th Mar 17, 9:38 PM
    • 14,625 Posts
    • 125,347 Thanks
    zagubov
    You'll get popups saying you should clean your apple product with mackeeper. You probably shouldn't. Or that you need to download a new version of flash. Unless you visit the genuine flash page itself, you probably shouldn't.

    You may even get ones that'll say your Windows system is infected. You know were you stand with that.
    There is no honour to be had in not knowing a thing that can be known - Danny Baker
    • Pyxis
    • By Pyxis 20th Mar 17, 10:10 AM
    • 27,992 Posts
    • 102,078 Thanks
    Pyxis
    Thanks, both.

    Useful to know.
    (I just lurve spiders! )
    INFJ(Turbulent).

    Her Greenliness Baroness Pyxis of the Alphabetty, P.P..
    ¥ ¥ ¥
    X ~O
    • debitcardmayhem
    • By debitcardmayhem 20th Mar 17, 4:26 PM
    • 8,167 Posts
    • 6,161 Thanks
    debitcardmayhem
    Its easy for a php/javascript to detect what browser you are using and customise its wording accordingly.


    It DEFINATELY wasn't from apple lol ..


    If you had followed it through, no doubt you would have landed on the app store page for a dubious security or a/v program, which is either owned by the scumbags who wrote the popup, or they are getting paid per install they generate.


    I promise you haven't been hacked
    Originally posted by AndyPix
    Sorry andy but your post must have been generated by a dodgy English script since they would defanitely not written DEFINATELY for definitely
    • AndyPix
    • By AndyPix 20th Mar 17, 4:30 PM
    • 2,508 Posts
    • 1,656 Thanks
    AndyPix
    Sorry andy but your post must have been generated by a dodgy English script since they would defanitely not written DEFINATELY for definitely
    Originally posted by debitcardmayhem

    Apologies. I am dyslexic and sometimes mis-spell things


    As do you it seems ..


    defanitely not written DEFINATELY for definitely
    Originally posted by debitcardmayhem
    Last edited by AndyPix; 20-03-2017 at 4:34 PM.
    Running with scissors since 1978
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

973Posts Today

7,112Users online

Martin's Twitter