THREAT REMOVAL

“System Security At Risk” Scam for Mac – How to Remove It

This article has been created in order to help you understand what is the “System Security At Risk” scam for Mac and how to remove it completely.

SIDENOTE: This post was originally published in September 2018. But we gave it an update in August 2019.

A familiar scamming message targeting Mac users has been detected to resurface it’s activities by security resarchers. The malware aims to infect users by getting them to either call a fake tech support number or by asking users to download and install multiple different types of fake Mac virus removal programs that claim to handle security risks which may not even exist. If you see the “System Security At Risk” scam, we would suggest that you thoroughly read this article as it aims to show you how you can eliminate those messages permanently from your Mac.

Threat Summary

NameSystem Security At Risk
TypeTech Support Scam for Mac OS
Short DescriptionAims to get users to call a tech support number and pay $300 to fix a problem on your Mac that does not exist.
SymptomsDisplays a browser redirect message asking to call a tech support number
Distribution MethodVia adware or suspicious websites.
Detection Tool See If Your System Has Been Affected by malware

Download

Combo Cleaner

User ExperienceJoin Our Forum to Discuss System Security At Risk.

”Critical Security Warning” Scam – How Did I Get It

The main reason of you starting to see the “Critical Security Warning” messages appearing on your Mac is likely believed to be a browser redirection. These types of redirects are often spread as a result of visiting a suspicious website or having an adware program installed directly on your Mac. The result of this is the “Critical Security Warning” scam messages to appear in the forms of pop-ups, redirects and others.

If caused by adware, then it is likely that either a browser extension or an app residing in your Mac could be compromised or potentially unwnated. Such software often tends to pretend to be helpful while in the same time may collect user data and display different forms of advertised content.

”Critical Security Warning” Scam – More Information

The “Critical Security Warning” pop-up may come under different forms on your computer. The scamming messages may often arrive as the following message:

“********* System Security At Risk ***********
Critical Security Warning! Your mac has detected a serious attack on this system, as your IP address seems to be acessed from two different locations at one time. A Suspicious Connection was trying to access Your Logins, Banking Details & Tracking Your Internet Activity.

lease contact the Mac Support team immediatelly at 808-518-4618 (TOLL FREE) and provide error code UR97L1DA2TA to scan and resolve the potential threats to your personal and financial information which seems to be accessed tom another computer. Your Mac Security Center & Firewall Services are disabled. Your TCP Connection was blocked by your Firewall. Your Accounts may be suspended until you take an action. “

We have checked the phone number 808-518-4618 that is related to the scam on 800notes(https://800notes.com/Phone.aspx/1-808-518-4618) and have established that it was related to a lot of different types of scams.

One user (Joe) has reported it to be related to a crooks who want you to pay a hefty sum of money to fix a virus that may not even exist:

Joe
| 1 reply
If you get a pop up telling you that you have a trojan horse virus and you need to call 808-518-4618 . THIS IS A SCAM ! They wanted $300 and your CC info so they can fix the virus. I called apple support and they fixed the problem and told me that it was a scam and to report it. This is a crime and it would give me pleasure to see them go to jail. I reported this scam to the proper authority you should too.

Another user has reported the scammers to have an Indian acent and ask for his financial credentials:

| arge B.
3 replies
My son was playing Roblox when the message came on that my computer is at risk, and someone tried to access my personal information by logging in from two different locations. Called the number and the guy with a heavy “Indian” accent told me to go to www.fastsupport.com, on which page it clearly states do not provide any info to people you don’t know. I asked the guy what the full name of his company was and he said “Apple Support”, ha, ha, ha….,they make it look as if they work for Apple (that’s what I’ve been told). I told him what the message said, he tried convincing me that this only applied to people who call me, but since I called them they are legit and I should place some “trust” in them. DO NOT CALL THEY ARE SCAMMERS. Force start your computer and if you need to take it to the apple store. Do not download any anti virus software, as some of them are malicious malware!!!!! Hate those stupid freaks, my son downloaded the some anti virus program which is a malware and a virus in itself!!!!!!

Users have also reported the scammers to ask remote access from users:

Jon
| 1 reply
A warning message popped up and basically froze our access to the internet. It said to call 1-518-808-4618. and report an error message. It had a logo for Safari, but not Apple. It apparently looked legitimate which led to my calling the number. I thought I was talking to Apple. It took me awhile to catch on that this was not Apple Support. I had already allowed him to remote in. The man had a foreign accent. There was a lot of noise in the background. He said the cost of his service would be $299.00 to clean up software and some other type of clean ware..He would never state the name of his company. We will take the computer into Apple tomorrow-and we are calling our credit card companies tonight and getting the numbers changed.

If you have granted access to the scammers, it is likely that they may have caused the following damages to your Mac:

  • Disabled your protection.
  • Added malware.
  • Copied your information (Financial data, passwrods, contact list).
  • Compromised yor AppleID.
  • Deleted your important files.
  • Asked you for money to repair any damage.

If you fell for this scam, be advised that you should not call the scammers again, since the call itself can also drain a lot of money from you via impulse schemes.

Remove “System Security At Risk” from Your Mac

System Security At Risk is the type of scamming message which may be related to unwanted software on your Mac. You can follow the removal instructions underneath this article for the removal of this Mac scam. However, be advised that it may be more than just one object causing advertisements on your Mac. This is why, according to security experts the best possible solution would be to download and run a scan on your Mac with an advanced security scanner which will surely detect and eliminate any unwanted objects from your Mac and ensure that future protection is also set in place.

Avatar

Ventsislav Krastev

Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.

More Posts - Website

Follow Me:
Twitter

OFFER
REMOVE IT NOW (MAC)
with SpyHunter for Mac
System Security At Risk may remain persistent on your system and may re-infect it. We recommend you to download SpyHunter for Mac and run free scan to remove all virus files on your Mac. This saves you hours of time and effort compared to doing the removal yourself.
Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read EULA and Privacy Policy

Preparation Phase:

Before starting to follow the steps below, be advised that you should first do the following preparations:

  • Backup your files in case the worst happens.
  • Make sure to have a device with these instructions on standy.
  • Arm yourself with patience.

Step 1: Uninstall System Security At Risk and remove related files and objects

OFFER
Manual Removal Usually Takes Time and You Risk Damaging Your Files If Not Careful!
We Recommend To Scan Your Mac with SpyHunter for Mac
Keep in mind, that SpyHunter for Mac needs to purchased to remove the malware threats. Click on the corresponding links to check SpyHunter’s EULA and Privacy Policy


1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:


2. Find Activity Monitor and double-click it:


3. In the Activity Monitor look for any suspicious processes, belonging or related to System Security At Risk:

Tip: To quit a process completely, choose the “Force Quit” option.


4. Click on the "Go" button again, but this time select Applications. Another way is with the ⇧+⌘+A buttons.


5. In the Applications menu, look for any suspicious app or an app with a name, similar or identical to System Security At Risk. If you find it, right-click on the app and select “Move to Trash”.


6. Select Accounts, after which click on the Login Items preference. Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to System Security At Risk. Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.


7. Remove any left-over files that might be related to this threat manually by following the sub-steps below:

  • Go to Finder.
  • In the search bar type the name of the app that you want to remove.
  • Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
  • If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.

In case you cannot remove System Security At Risk via Step 1 above:

In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:

Disclaimer! If you are about to tamper with Library files on Mac, be sure to know the name of the virus file, because if you delete the wrong file, it may cause irreversible damage to your MacOS. Continue on your own responsibility!

1. Click on "Go" and Then "Go to Folder" as shown underneath:

2. Type in "/Library/LauchAgents/" and click Ok:

3. Delete all of the virus files that have similar or the same name as System Security At Risk. If you believe there is no such file, do not delete anything.

You can repeat the same procedure with the following other Library directories:

→ ~/Library/LaunchAgents
/Library/LaunchDaemons

Tip: ~ is there on purpose, because it leads to more LaunchAgents.


Step 2: Remove System Security At Risk – related extensions from Safari / Chrome / Firefox

Remove an extension from Safari and reset it.Remove a toolbar from Google Chrome Remove a toolbar from Mozilla Firefox

1. Start Safari

2. After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.

3. From the menu, click on "Preferences"

stf-safari preferences

4. After that, select the 'Extensions' Tab

stf-safari-extensions

5. Click once on the extension you want to remove.

6. Click 'Uninstall'

stf-safari uninstall

A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the System Security At Risk will be removed.

How to Reset Safari
IMPORTANT: Before resetting Safari make sure you back up all your saved passwords within the browser in case you forget them.

Start Safari and then click on the gear leaver icon.

Click the Reset Safari button and you will reset the browser.

1. Start Google Chrome and open the drop menu

2. Move the cursor over "Tools" and then from the extended menu choose "Extensions"

3. From the opened "Extensions" menu locate the add-on and click on the garbage bin icon on the right of it.

4. After the extension is removed, restart Google Chrome by closing it from the red "X" in the top right corner and start it again.


1. Start Mozilla Firefox. Open the menu window

2. Select the "Add-ons" icon from the menu.

3. Select the Extension and click "Remove"

4. After the extension is removed, restart Mozilla Firefox by closing it from the red "X" in the top right corner and start it again.


Step 3: Scan for and remove System Security At Risk files from your Mac

When you are facing problems on your Mac as a result of unwanted scripts and programs such as System Security At Risk, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.


Click the button below below to download SpyHunter for Mac and scan for System Security At Risk:


Download

SpyHunter for Mac



Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...