Summary
There is a vulnerability currently being exploited on Apple Mac computers as well as Windows computers. It involves malicious website notifications that mislead people into thinking they have a virus, or hacked account, or bill due.
A particularly challenging variation of this has been crafted specifically for Apple computer users as explained below. Steps for removal are offered here with some additional information below.
While the removal steps seem fairly simplistic, the research process to determine the cause of this problem took a while.
STEP #1 — Safari Settings
Open Safari and click Settings as shown below.
STEP #2 — Web Notifications
Among the top row of icons, choose Websites and click on Notifications.
STEP #3 — Remove
The unusual entry shown above is the cause of the issue. Select that entry and then click the Remove button. It should be gone from the list above.
Learn More
The above steps are provided in the most simple way possible without further explanation, but knowing more about the context of this problem is important. Read below for more information.
Alert Examples
The presence of this problem typically results in notifications appearing on your screen in the top right where system notifications normally appear. Below are some examples of what this might look like.
If you click one of the alerts above, you may receive a fake message trying to convince you that your computer has viruses and you need to call a number or pay for antivirus software. An example is below.
System Notifications
Under the Apple Menu (the Apple icon in the top left corner of your screen), choose System Settings and select Notifications. The top ten will be “ask you” as shown below.
There is actually a space before the letter “a” in “ask you.” This is why this particular item appears at the top of your list of applications —since a space comes before the letter ‘a’ in sorting.
On a healthy Mac you would see the App Store or another familiar app at the top of the list. In the example above, no additional items are showing because the page is cropped.
The purpose of the Notifications feature is to allow applications and websites to alert you of news or other information. This is similar to how smartphone notifications work.
Details
If you click on the “ask you” entry in Notifications, the notification settings for that item will appear as shown below.
As you can see above, these are the typical settings for turning notifications on and off for an app or website.
The descriptive text covers the on/off switch for the entry. The text states, “Confirm you’re not a robot, you need to click Allow.”
That bold text would usually be a short app name such as Calendar, and it would not cover the on/off switch. In this case, it seems the app name was intentionally made longer to cover the switch and make it inoperable.
Confirm Removal
Once the malicious web alert is removed from Safari, as explained in the steps at the top of this page, it should no longer be showing on the computer’s System Settings Notifications page. Below is an example after it has been removed.
Virus Scan
This issue is not detected by antivirus software. However, it’s a good idea to scan for viruses in case there may be other security issues on the computer. Malwarebytes is available for free.
