Home Malware Programs Adware ’888-447-1249′ Pop-Ups

’888-447-1249′ Pop-Ups

Posted: December 30, 2015

Threat Metric

Threat Level: 8/10
Infected PCs: 246
First Seen: December 30, 2015
Last Seen: December 13, 2022
OS(es) Affected: Windows

The '888-447-1249' pop-ups are technical support hoaxes served as covers for collecting information or getting remote access to your computer. Current samples of the '888-447-1249' pop-ups implicate the specific targeting of Apple device users, although they have yet to circulate threats or Web scripts that could launch automatically. Removing the '888-447-1249' pop-ups or their aftereffects always should be done by professional anti-malware programs; malware experts also would recommend taking extra steps for protecting any compromised information.

Taking a Bite out of Fake Apple Technical Support

The '888-447-1249' pop-ups, just like the '844-714-3213' Pop-Ups or '647-360-4454' Pop-Ups, continue the running theme of Mac users being just as vulnerable to Web hoaxes as Windows owners. These attacks were last confirmed loading through Macsecureservices.info, a corrupted website not yet categorized in most threat databases. Because the '888-447-1249' pop-ups have had incidents of persisting through system reboots, they may be associated with unwanted browser modifications or even adware, although there is no evidence of genuinely threatening software triggering them to date.

PC users exposed to the '888-447-1249' pop-ups are asked to call its hotline, supposedly for the purpose of technical support in preventing damages from an ongoing attack. These attacks claim to redirect the reader to a Mac support technician. The real motive of the hotline is to initiate a conversation with a con artist, who may ask you to install unsafe software or request information.

Previously, these technical support tactics have mostly focused on compromising the remote network security of the PC. The '888-447-1249' pop-ups follow this overall trend, and following the recommendations of the associated con artists may lead you to give them remote access to your computer. The form of access is not necessarily dependent on threats; malware researchers also often see non-threatening tools (like TeamViewer or RealVNC) just as viable for the same purposes. Whether they use legitimate apps or Trojans, third parties can gain access to your files, system settings, information and software.

Beating a Real Browser Attack Beneath a Fake One

The website currently linked to the '888-447-1249' pop-ups, Macsecureservices.info, has been active only in the last quarter of 2015. However, malware researchers have seen a recurring history of effectively identical attacks launching through other websites and hotlines. Whether you suffer from an attack by the '888-447-1249' pop-ups or other hotline tactics, these sites should be assumed to be capable of harming your computer. Rebooting in Safe Mode and launching an anti-malware scan always should be your first response to a redirect to a corrupted site. For Mac users, Safe Mode is accessible by holding the Shift key during the reboot process until you see the Apple logo.

Computer users who follow all the advice in the '888-447-1249' pop-ups may leak information, purchase fake software products or let third parties access their computers. For PC users seeing remote access software like TeamViewer on their machines without installing them, it should be removed with the same promptness you would give to removing any backdoor Trojan. Information that you've provided to the 'support technicians' of the '888-447-1249' pop-ups should be assumed to be in the wrong hands possession and subject to future abuse. You should change any important passwords without delay, and you may wish to contact your bank or credit card company for additional procedures worth following.