Avoid getting scammed by fake "Apple Security Damaged" websites
Written by Tomas Meskauskas on (updated)
What kind of scam is "Apple Security Damaged"?
"Apple Security Damaged" is a technical support scam run by a malicious website that users often visit inadvertently - they are redirected by various potentially unwanted programs (PUPs). Research shows that these PUPs usually infiltrate systems without consent ("bundling" method).
As well as causing unwanted redirects, they deliver intrusive online advertisements and continually gather various information relating to web browsing activity.
"Apple Security Damaged" scam overview
"Apple Security Damaged" targets users with the Mac OS, claiming that a suspicious connection has been detected, personal information (logins/passwords, banking details, etc.) is at risk, and that Apple has blocked the Internet connection.
The issue must be resolved immediately and, thus, users are encouraged to contact "certified technicians" via a telephone number ("+1-844-804-6074") provided. As mentioned above, however, the "Apple Security Damaged" error message is fake - merely an attempt to trick users into calling and paying for services that are not required.
This message can be removed simply by closing the web browser. Be aware that potentially unwanted programs employ a "virtual layer" to generate pop-up, coupon, banner, and other similar advertisements. This tool enables placement of third party graphical content on any site.
Therefore, the displayed ads often conceal underlying website content, significantly diminishing the web browsing experience. In addition, the ads can redirect to malicious websites and even accidental clicks can result in high-risk adware or malware infections. Another downside is information tracking.
Be aware that PUPs record geo-locations, Internet service provides (ISPs), Internet Protocol (IP) addresses, URLs visited, search queries, mouse/keyboard activity, and other similar information that might contain personal details. The data is shared with third parties (potentially, cyber criminals) who generate revenue by misusing private information.
Thus, information tracking can result in serious privacy issues or even identity theft. All PUPs should be uninstalled immediately.
Name | "Apple Security Damaged" virus |
Threat Type | Phishing, Scam, Social Engineering, Fraud |
Fake Claim | Device security and privacy has been compromised. |
Disguise | Apple |
Tech Support Scammer Phone Number | +1-844-804-6074 |
Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
Malware Removal (Mac) | To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Similar scam examples
"Apple Security Damaged" shares many similarities with "YahLover.worm Infection", "Critical Security Warning!", "Mac Malware Warning Alert !", and a number of other fake error messages. All claim that the system is damaged/infected in some way, however, these errors are designed only to scare victims and trick them into paying.
In fact, PUPs are designed only to generate revenue for the developers. By offering various 'useful features', they attempt to give the impression of legitimacy, whereas they actually cause unwanted redirects, deliver intrusive online advertisements, and continually record various user/system information.
How did potentially unwanted applications install on my computer?
Cyber criminals proliferate PUPs by employing a deceptive marketing method called "bundling" - stealth installation of third party applications with regular software/apps.
Many users rush the download and installation processes and skip steps. Aware of this, criminals hide bundled programs within the "Custom/Advanced" settings. By skipping this section, users expose their systems to risk of various infections and compromise their privacy.
How to avoid installation of potentially unwanted applications?
This situation can be prevented by taking two simple steps. Firstly, never rush when downloading and installing software - choose the "Custom/Advanced" settings and carefully observe each step. Secondly, decline offers to download/install additional applications and cancel those already included. The key to computer safety is caution.
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate all threats.
Text presented within the "Apple Security Damaged" pop-up:
A suspicious connection was trying to access your logins, banking details & tracking your internet activity and misuse your photos and your private data as well your device is not safe.anyone can be hack your apple device. Your tcp connection was blocked by apple. your accounts may be suspended until you take an action. Please contact apple certified technicians on the+1-844-804-6074 (toll free number) Your disk may have trojan virus! please do not try to fix manually, it may crash your data. Consequently, we are performing additional security checks to verify system security. Customer service: +1-844-804-6074 (toll-free) Immediate response required Please contact apple administration to rectify the issue. Please do not open internet browser for your security issue to avoid data corruption on your registery of your ios. please contact apple administration department at +1-844-804-6074 (toll-free) virus info: A trojan horse, or trojan, in computing is a non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the trojan, typically causing loss or theft of data, and possible system harm. the term is derived from the story of the wooden horse used to trick defenders of troy into taking concealed warriors into their city in ancient greece, because device trojans often employ a form of social engineering, presenting themselves as routine, useful, or interesting in order to persuade victims to install them on their device. A trojan often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected device. the trojan and backdoors are not themselves easily detectable, but if they carry out significant computing or communications activity may cause the device to run noticeably slowly. malicious programs are classified as trojans if they do not attempt to inject themselves into other files (device virus) or otherwise propagate themselves (worm). A device may host a trojan via a malicious program a user is duped into executing files or browsing internet. Please contact apple administration department at +1-844-804-6074 (toll-free) The problem is caused by an unusual activity performed on this machine. Error code- S1L457. Call customer support number +1-844-804-6074 and share this code with the agent.
Instant automatic Mac malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is Apple Security Damaged?
- STEP 1. Remove adware related files and folders from OSX.
- STEP 2. Remove rogue extensions from Safari.
- STEP 3. Remove adware from Google Chrome.
- STEP 4. Remove deceptive extensions from Mozilla Firefox.
Video showing how to remove adware and browser hijackers from a Mac computer:
Adware removal:
Remove Apple Security Damaged-related potentially unwanted applications from your "Applications" folder:
Click the Finder icon. In the Finder window, select “Applications”. In the applications folder, look for “MPlayerX”,“NicePlayer”, or other suspicious applications and drag them to the Trash. After removing the potentially unwanted application(s) that cause online ads, scan your Mac for any remaining unwanted components.
Remove adware-related files and folders
Click the Finder icon, from the menu bar. Choose Go, and click Go to Folder...
Check for adware generated files in the /Library/LaunchAgents/ folder:
In the Go to Folder... bar, type: /Library/LaunchAgents/
In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.
Check for adware generated files in the ~/Library/Application Support/ folder:
In the Go to Folder... bar, type: ~/Library/Application Support/
In the "Application Support" folder, look for any recently-added suspicious folders. For example, "MplayerX" or "NicePlayer", and move these folders to the Trash.
Check for adware generated files in the ~/Library/LaunchAgents/ folder:
In the Go to Folder... bar, type: ~/Library/LaunchAgents/
In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.
Check for adware generated files in the /Library/LaunchDaemons/ folder:
In the "Go to Folder..." bar, type: /Library/LaunchDaemons/
In the "LaunchDaemons" folder, look for recently-added suspicious files. For example "com.aoudad.net-preferences.plist", "com.myppes.net-preferences.plist", "com.kuklorest.net-preferences.plist", "com.avickUpd.plist", etc., and move them to the Trash.
Scan your Mac with Combo Cleaner:
If you have followed all the steps correctly, your Mac should be clean of infections. To ensure your system is not infected, run a scan with Combo Cleaner Antivirus. Download it HERE. After downloading the file, double click combocleaner.dmg installer. In the opened window, drag and drop the Combo Cleaner icon on top of the Applications icon. Now open your launchpad and click on the Combo Cleaner icon. Wait until Combo Cleaner updates its virus definition database and click the "Start Combo Scan" button.
Combo Cleaner will scan your Mac for malware infections. If the antivirus scan displays "no threats found" - this means that you can continue with the removal guide; otherwise, it's recommended to remove any found infections before continuing.
After removing files and folders generated by the adware, continue to remove rogue extensions from your Internet browsers.
Remove malicious extensions from Internet browsers
Remove malicious Safari extensions:
Open the Safari browser, from the menu bar, select "Safari" and click "Preferences...".
In the preferences window, select "Extensions" and look for any recently-installed suspicious extensions. When located, click the "Uninstall" button next to it/them. Note that you can safely uninstall all extensions from your Safari browser - none are crucial for regular browser operation.
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Safari.
Remove malicious extensions from Google Chrome:
Click the Chrome menu icon (at the top right corner of Google Chrome), select "More Tools" and click "Extensions". Locate all recently-installed suspicious extensions, select these entries and click "Remove".
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Google Chrome.
Remove malicious extensions from Mozilla Firefox:
Click the Firefox menu (at the top right corner of the main window) and select "Add-ons and themes". Click "Extensions", in the opened window locate all recently-installed suspicious extensions, click on the three dots and then click "Remove".
- If you continue to have problems with browser redirects and unwanted advertisements - Reset Mozilla Firefox.
Frequently Asked Questions (FAQ)
What is an online scam?
Online scams are a type of content promoted on the Web that aims to trick users into performing certain actions. For example, victims can be lured into calling fake support lines, allowing scammers to access devices remotely, sending money to scammers, purchasing products, downloading/installing programs, subscribing to services, etc.
What is the purpose of an online scam?
Online scams are designed to generate revenue at victims' expense. Cyber criminals primarily profit by acquiring funds through deception, promoting content (e.g., websites, apps, products, services, etc.), selling/abusing private information, and spreading malware.
Why do I encounter online scams?
Online scams are mainly promoted through sites using rogue advertising networks, intrusive ads (malvertising), spam (e.g., emails, PMs/DMs, SMSes, browser notifications, social media/ forum posts, etc.), mistyped URLs (typosquatting), and adware.
I cannot exit a scam page, how do I close it?
If you cannot exit a scam page – end the browser's process using the Activity Monitor (Mac) or Task Manager (Windows). Start a new browsing session when relaunching the browser, as the previous one includes the deceptive website.
I have allowed cyber criminals to remotely access my computer, what should I do?
If you have permitted cyber criminals to access your device remotely – disconnect it from the Internet. Afterward, remove the remote access program that the scammers used (e.g., UltraViewer, TeamViewer, etc.), as they might not need your permission to reconnect. Lastly, run a full system scan with an anti-virus and eliminate all detected threats.
I have provided my personal information when tricked by an online scam, what should I do?
If you have provided your log-in credentials – change the passwords of all possibly exposed accounts and inform their official support. However, if you've disclosed personally identifiable or finance-related information (e.g., ID card details, passport photos/scans, credit card numbers, etc.) – immediately contact the appropriate authorities.
Will Combo Cleaner protect me from online scams and the malware they proliferate?
Combo Cleaner can scan visited websites and detect rogue, deceptive/scam, and malicious pages. It can also restrict all further access to such sites. Additionally, Combo Cleaner can detect and eliminate practically all known malware infections. Keep in mind that performing a complete system scan is paramount, as sophisticated malicious programs usually hide deep within systems.
▼ Show Discussion