This article has been created in order to help you understand what is the “System Security At Risk” scam for Mac and how to remove it completely.
SIDENOTE: This post was originally published in September 2018. But we gave it an update in August 2019.
A familiar scamming message targeting Mac users has been detected to resurface it’s activities by security resarchers. The malware aims to infect users by getting them to either call a fake tech support number or by asking users to download and install multiple different types of fake Mac virus removal programs that claim to handle security risks which may not even exist. If you see the “System Security At Risk” scam, we would suggest that you thoroughly read this article as it aims to show you how you can eliminate those messages permanently from your Mac.
|Name||System Security At Risk|
|Type||Tech Support Scam for Mac OS|
|Short Description||Aims to get users to call a tech support number and pay $300 to fix a problem on your Mac that does not exist.|
|Symptoms||Displays a browser redirect message asking to call a tech support number|
|Distribution Method||Via adware or suspicious websites.|
See If Your System Has Been Affected by malware
|User Experience||Join Our Forum to Discuss System Security At Risk.|
”Critical Security Warning” Scam – How Did I Get It
The main reason of you starting to see the “Critical Security Warning” messages appearing on your Mac is likely believed to be a browser redirection. These types of redirects are often spread as a result of visiting a suspicious website or having an adware program installed directly on your Mac. The result of this is the “Critical Security Warning” scam messages to appear in the forms of pop-ups, redirects and others.
If caused by adware, then it is likely that either a browser extension or an app residing in your Mac could be compromised or potentially unwnated. Such software often tends to pretend to be helpful while in the same time may collect user data and display different forms of advertised content.
”Critical Security Warning” Scam – More Information
The “Critical Security Warning” pop-up may come under different forms on your computer. The scamming messages may often arrive as the following message:
“********* System Security At Risk ***********
Critical Security Warning! Your mac has detected a serious attack on this system, as your IP address seems to be acessed from two different locations at one time. A Suspicious Connection was trying to access Your Logins, Banking Details & Tracking Your Internet Activity.
lease contact the Mac Support team immediatelly at 808-518-4618 (TOLL FREE) and provide error code UR97L1DA2TA to scan and resolve the potential threats to your personal and financial information which seems to be accessed tom another computer. Your Mac Security Center & Firewall Services are disabled. Your TCP Connection was blocked by your Firewall. Your Accounts may be suspended until you take an action. “
We have checked the phone number 808-518-4618 that is related to the scam on 800notes(https://800notes.com/Phone.aspx/1-808-518-4618) and have established that it was related to a lot of different types of scams.
One user (Joe) has reported it to be related to a crooks who want you to pay a hefty sum of money to fix a virus that may not even exist:
| 1 reply
If you get a pop up telling you that you have a trojan horse virus and you need to call 808-518-4618 . THIS IS A SCAM ! They wanted $300 and your CC info so they can fix the virus. I called apple support and they fixed the problem and told me that it was a scam and to report it. This is a crime and it would give me pleasure to see them go to jail. I reported this scam to the proper authority you should too.
Another user has reported the scammers to have an Indian acent and ask for his financial credentials:
| arge B.
My son was playing Roblox when the message came on that my computer is at risk, and someone tried to access my personal information by logging in from two different locations. Called the number and the guy with a heavy “Indian” accent told me to go to www.fastsupport.com, on which page it clearly states do not provide any info to people you don’t know. I asked the guy what the full name of his company was and he said “Apple Support”, ha, ha, ha….,they make it look as if they work for Apple (that’s what I’ve been told). I told him what the message said, he tried convincing me that this only applied to people who call me, but since I called them they are legit and I should place some “trust” in them. DO NOT CALL THEY ARE SCAMMERS. Force start your computer and if you need to take it to the apple store. Do not download any anti virus software, as some of them are malicious malware!!!!! Hate those stupid freaks, my son downloaded the some anti virus program which is a malware and a virus in itself!!!!!!
Users have also reported the scammers to ask remote access from users:
| 1 reply
A warning message popped up and basically froze our access to the internet. It said to call 1-518-808-4618. and report an error message. It had a logo for Safari, but not Apple. It apparently looked legitimate which led to my calling the number. I thought I was talking to Apple. It took me awhile to catch on that this was not Apple Support. I had already allowed him to remote in. The man had a foreign accent. There was a lot of noise in the background. He said the cost of his service would be $299.00 to clean up software and some other type of clean ware..He would never state the name of his company. We will take the computer into Apple tomorrow-and we are calling our credit card companies tonight and getting the numbers changed.
If you have granted access to the scammers, it is likely that they may have caused the following damages to your Mac:
- Disabled your protection.
- Added malware.
- Copied your information (Financial data, passwrods, contact list).
- Compromised yor AppleID.
- Deleted your important files.
- Asked you for money to repair any damage.
If you fell for this scam, be advised that you should not call the scammers again, since the call itself can also drain a lot of money from you via impulse schemes.
Remove “System Security At Risk” from Your Mac
System Security At Risk is the type of scamming message which may be related to unwanted software on your Mac. You can follow the removal instructions underneath this article for the removal of this Mac scam. However, be advised that it may be more than just one object causing advertisements on your Mac. This is why, according to security experts the best possible solution would be to download and run a scan on your Mac with an advanced security scanner which will surely detect and eliminate any unwanted objects from your Mac and ensure that future protection is also set in place.
About the System Security At Risk Research
The content we publish on SensorsTechForum.com, this System Security At Risk how-to removal guide included, is the outcome of extensive research, hard work and our team’s devotion to help you remove the specific macOS issue.
How did we conduct the research on System Security At Risk?
Please note that our research is based on an independent investigation. We are in contact with independent security researchers, thanks to which we receive daily updates on the latest malware definitions, including the various types of Mac threats, especially adware and potentially unwanted apps (PUAs).
Furthermore, the research behind the System Security At Risk threat is backed with VirusTotal.
To better understand the threat posed by Mac malware, please refer to the following articles which provide knowledgeable details.
1. macOS More Susceptible to Adware and PUPs than Windows
2. XLoader Malware-as-a-Service Now Available for macOS for Only $49
3. XCSSET Mac Malware Targets Apple’s M1-Based Macs and macOS 11
4. macOS Backdoor Malware Linked to OceanLotus Hackers
5. The State of Apple’s Privacy So Far in 2021
Before starting to follow the steps below, be advised that you should first do the following preparations:
- Backup your files in case the worst happens.
- Make sure to have a device with these instructions on standy.
- Arm yourself with patience.
Step 1: Uninstall System Security At Risk and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
2. Find Activity Monitor and double-click it:
3. In the Activity Monitor look for any suspicious processes, belonging or related to System Security At Risk:
4. Click on the "Go" button again, but this time select Applications. Another way is with the ⇧+⌘+A buttons.
5. In the Applications menu, look for any suspicious app or an app with a name, similar or identical to System Security At Risk. If you find it, right-click on the app and select “Move to Trash”.
6. Select Accounts, after which click on the Login Items preference. Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to System Security At Risk. Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.
7. Remove any left-over files that might be related to this threat manually by following the sub-steps below:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove System Security At Risk via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
1. Click on "Go" and Then "Go to Folder" as shown underneath:
2. Type in "/Library/LauchAgents/" and click Ok:
3. Delete all of the virus files that have similar or the same name as System Security At Risk. If you believe there is no such file, do not delete anything.
You can repeat the same procedure with the following other Library directories:
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Remove System Security At Risk – related extensions from Safari / Chrome / Firefox
Step 3: Scan for and remove System Security At Risk files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as System Security At Risk, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Quick and Easy Mac Malware Video Removal Guide
Step 4: How to Make Your Mac Run Faster?
Mac machines maintain probably the fastest operating system out there. Still, Macs do become slow and sluggish sometimes. The video guide below examines all of the possible problems that may lead to your Mac being slower than usual as well as all of the steps that can help you to speed up your Mac.
System Security At Risk FAQ
What is System Security At Risk on your Mac?
The creators of such unwanted apps work with pay-per-click schemes to get your Mac to visit risky or different types of websites that may generate them funds. This is why they do not even care what types of websites show up on the ads. This makes their unwanted software indirectly risky for your MacOS.
Can my Mac get a virus?
Yes. As much as any other device, Apple computers do get viruses. Apple devices may not be a frequent target by malware authors, but rest assured that the following Apple devices can become infected with a virus:
- Mac Mini
- Macbook Air
- Macbook Pro
What are the symptoms of System Security At Risk on your Mac?
There are several symptoms to look for when this particular threat and also most Mac threats in general are active:
Symptom #1: Your Mac may become slow and has poor performance in general.
Symtpom #2: You have toolbars, add-ons or extensions on your web browsers that you don't remember adding.
Symptom #3: You see all types of ads, like ad-supported search results, pop-ups and redirects to randomly appear.
Symptom #4: You see installed apps on your Mac running automatically and you do not remember installing them.
Symptom #5: You see suspicious processes running in your Mac's Activity Monitor.
If you see one or more of those symptoms, then security experts reccomend that you check your Mac for viruses.
What types of Mac threats are there?
According to most malware researchers and cyber-security experts, the threats that can currently infect your Mac can be the following types:
- Rogue Antivirus programs.
- Adware and hijackers.
- Trojan horses and other spyware.
- Ransomware and screen-lockers.
- Cryptocurrency miner malware.
What to do if I have a Mac virus, like System Security At Risk?
Do not panic! You can easily get rid of most Mac threats by firstly isolating them and then removing them. One reccomended way to do that is by using a reputable malware removal software that can take care of the removal automatically for you. There are many Mac anti-malware apps out there that you can choose from. SpyHunter for Mac is one of the reccomended Mac anti-malware apps, that can scan for free and detect any viruses, tracking cookies and unwanted adware apps plus take care of them quickly. This saves time for manual removal that you would otherwise have to do.
How to secure my passwords and other data from System Security At Risk?
With few simple actions. First and foremost, it is imperative that you follow these steps:
Step 1: Find a safe computer and connect it to another network, not the one that your Mac was infected in.
Step 2: Change all of your passwords, starting from your e-mail passwords.
Step 3: Enable two-factor authentication for protection of your important accounts.
Step 4: Call your bank to change your credit card details (secret code, etc.) if you have saved your credit card for online shopping or have done online activiites with your card.
Step 5: Make sure to call your ISP (Internet provider or carrier) and ask them to change your IP address.
Step 6: Change your Wi-Fi password.
Step 7: (Optional): Make sure to scan all of the devices connected to your network for viruses and repeat these steps for them if they are affected.
Step 8: Install anti-malware software with real-time protection on every device you have.
Step 9: Try not to download software from sites you know nothing about and stay away from low-reputation websites in general.
If you follow these reccomendations, your network and Apple devices will become significantly more safe against any threats or information invasive software and be virus free and protected in the future too.
More tips you can find on our MacOS Virus section, where you can also ask any questions and comment about your Mac problems.