eXtensions - Sunday 9 July 2017


Cassandra - No I don't Have a Virus and Apple is not Trying to Help me




By Graham K. Rogers





We always need to be on the lookout for malware. Phishing attempts are quite common and so are browser popup warnings. Often users are told that there is a virus (Trojan perhaps on a Mac, not a virus - not yet) and I have been contacted in the past by local users in a panic. My response is never to click on a link, and never to trust anything unexpected in a browser or email. A warning that purported to come from the AppleCare Protection Plan this afternoon did indeed look quite official. It told me that my machine was infected with 3 viruses and that there was imminent damage from the malware and phishing attempt - "System Damage 28.1%".


Gone Phishing


To avoid more damage, I was warned, press Scan Now. This was a button that actually linked to a JavaScript. I took a screenshot and shut the page. I wish I had looked at the code to see if there were more clues, but I thought it better to close the page than run any risk. Even so, the screenshot does show a suspicious URL that includes the use of PHP. Best to close the page.

I did a lookup of "apple.com-webbrowsing-security.review" which gave me two IP numbers: 69.172.229.226 and 76.74.170.99, which appear to be from a location in Toronto. This site needs to be shut down.

If there were some malware (unlikely), and this was something that Apple was sending to some users, this would alarm again if I tried other pages. I started with the Apple site, then Amazon and a few more with no alarm page appearing. I suspect that my initial trigger was a mistyped URL. Just as I removed it and typed again, I noticed it changed to "w3" instead of "www", but by then it was gone. This new attempt was well-crafted and had a timer that was ticking down from under 2 minutes, increasing any pressure that some users might feel. Unless you have malware protection installed, this type of warning is probably more risky than anything already on the system. Stay vigilant.
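The hostname in the lookup above begins with "apple.com" but is not part of apple.com: DNS names are read from the right, so the page is served from a domain under .review. The following check is an added example, not code from the original article; the `TRUSTED` list, the function names and the sample paths are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the list of domains the reader actually trusts. Only apple.com
# comes from the article; extend it for your own environment.
TRUSTED = ("apple.com",)


def host_of(url):
    """Return the lowercase hostname of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit treat the leading part as the host
    return (urlsplit(url).hostname or "").rstrip(".")


def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it.

    DNS names are read right to left, so the match must be anchored at the
    end of the name and fall on a label boundary (a dot).
    """
    return host == domain or host.endswith("." + domain)


def classify(url):
    """Return 'genuine', 'lookalike' or 'unrelated' for a URL."""
    host = host_of(url)
    if any(belongs_to(host, d) for d in TRUSTED):
        return "genuine"
    # The trusted name appears in the host but not as its right-hand end:
    # the page is served by whoever registered the right-most labels.
    if any(d in host for d in TRUSTED):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    samples = [  # paths are constructed; the first host is the one in the article
        "http://apple.com-webbrowsing-security.review/index.php",
        "https://www.apple.com/support/",
        "apple.com.example/scan",
        "https://www.amazon.com/",
    ]
    for url in samples:
        print(f"{classify(url):10} {host_of(url)}")
```

A plain substring test for "apple.com" would accept the first sample; anchoring the match at the right-hand end of the name is what separates it from the real site.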


Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. After 3 years writing a column in the Life supplement, he is now no longer associated with the Bangkok Post. He can be followed on Twitter (@extensions_th).




All content copyright © G. K. Rogers 2017