Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

mjo

macrumors newbie
Original poster
Oct 26, 2013
9
0
I am trying to help my mom sort out a phishing attempt she nearly fell pray to. She has an older MacBook running Mojave and uses the newest version of Firefox that is supported. She accidentally clicked on a dodgy link and got a request to input her password. Luckily, this set off alarm bells, so she didn't input any info. She rebooted, but the window was still there, so she closed the window by clicking on the close button. About the same time, she got an email ostensibly from Apple (and it looks legit, but I am not sure how to verify if it is actually from Apple) saying, "Activation Lock is requesting your password on iPhone."

The body of the email reads in part, "For your security, Activation Lock requires your Apple ID and password or your device passcode before anyone can reactivate and use your device. It’s enabled automatically when you enable Find My. If you are setting up this device, simply enter your Apple ID and password in the fields provided. Forgot your password? Learn how to reset your Apple ID password."

What's a little mystifying is that she was on her computer, not her phone, so I can't figure out how some kind of login attempt would have been flagged as being on her phone itself, if the email is legit.

I am sensitive to the fact that the email itself could be a phishing attempt somehow triggered by the link she clicked, or it could really be from Apple and be a sign that the link somehow generated a fraudulent attempted login. Or it could be a coincidence that it happened at the same time?

I think I've read that it's possible to trigger malware or spyware by clicking something that *looks* like a close button on a cleverly designed phishing popup, but I don't know if that's what happened here or what she should do next or how likely that even is. She's not particularly tech-savvy, and even though I'm pretty knowledgeable about the internet and computers in general, this stretches my know-how.

So, now my main question is: how likely is it that she has something nefarious running in the background on her laptop, and should she run a malware scan (and if so how) or what?

Thanks for ant advice or info!

-mjo
 
The email wasn't from Apple. It is a phishing attempt to get her Apple ID information. To be sure, you can check the email header the email was sent from. Post the email header here if you like.

Unless she downloaded a file and clicked on it and inputted her admin information without telling you, she should be fine.
 
  • Like
Reactions: Alameda
When she restarted the computer, the browser probably just restored the pages she was last viewing. That’s default behavior in Chrome and maybe other browsers.

It’s fairly easy to spot a phishing email: If you over over the hyperlinks, they’ll be from weird URL’s, not apple.com, amazon.com, etc., but something like 1238factoryfun.ch. THAT is a certain way to spot a phishing email: Use the hover feature.

Another common tactic: The email tells you to do something urgently. In a sophisticated attack, it may appear as an email from someone in her address book; maybe even you. Sometimes it appears to come from you and you are arrested and urgently in need of money via PayPay, things like that.

There are good security practices to protect yourself online. One is to use a password manager. I use a product called 1Password. You pay for it, but it is excellent and their support is outstanding. I have used it several years, and now I have a family account so that everyone in my family can use it to secure their passwords. It ensures that every site you use has a unique and very strong password, such as 29xfklwei309*#020c. It takes a little getting used to, but then it becomes second nature, and if you have difficulty with it, their tech support is very responsive.
 
  • Like
Reactions: scouser75
So, now my main question is: how likely is it that she has something nefarious running in the background on her laptop, and should she run a malware scan (and if so how) or what?
Unlikely. But, for peace of mind, get Malwarebytes - just the home version and free to do manual scans. Don't sign up to paid version. You might want to try it yourself before talking your mom through installing and running.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.