Dear Safari User, You Are Today's Lucky Visitor POP-UP Scam (Mac)
Written by Tomas Meskauskas on (updated)
What is Dear Safari User, You Are Today's Lucky Visitor?
"Dear Safari User, You Are Today's Lucky Visitor" is another scam message delivered by deceptive websites. Most visitors arrive at these sites inadvertently - they are redirected by intrusive ads or potentially unwanted applications (PUAs). Research shows that potentially unwanted applications typically infiltrate systems without permission.
As well as causing redirects, they deliver intrusive advertisements and gather sensitive information.
The message states that the visitor is "today's lucky user" and, thus, has the chance to win a valuable prize ($1000 equivalent gift card, iPhone X, or other). The user must simply complete a 4-question survey. This is a scam. Cyber criminals use these messages to generate revenue.
Users who click buttons on the deceptive website encounter additional redirects to other dubious sites, which can result in high-risk computer infections. Furthermore, the site records various information (geo-location, IP address, etc.) and is likely to ask users to to enter personal details (e.g., name/surname, email address, and so on).
Therefore, you are advised to leave websites that display the "Dear Safari User, You Are Today's Lucky Visitor" message immediately. Note that some rogue sites use scripts that disable closing of browsing tabs/windows. In these case, you should terminate the browser using Activity Monitor or reboot the system.
After restarting it, do not restore the previous session, otherwise you will end up returning to the malicious sites.
Potentially unwanted applications deliver coupon, banner, pop-up, and other similar advertisements using tools that enable placement of third party graphical content on any visited website. Therefore, intrusive ads often conceal underlying content, thereby diminishing the browsing experience.
In addition, they can redirect to malicious websites and run scripts that download/install malware. Thus, clicking them is risky and can result in high-risk computer infections. Another significant downside is data tracking. Research shows that potentially unwanted applications often record information relating to browsing habits.
In most cases, the list of collected data types includes (but is not limited to) IP addresses, search queries, keystrokes, websites/URLs visited, and geo-locations. This information often includes personal details that are often misused to generate revenue.
The presence of information-tracking apps might lead to serious privacy issues or even identity theft. We strongly recommend that you eliminate all potentially unwanted applications immediately.
|Name||"Dear Safari user, You are today's lucky visitor" virus|
|Threat Type||Mac malware, Mac virus|
|Symptoms||Your Mac became slower than normal, you see unwanted pop-up ads, you get redirected to shady websites.|
|Distribution methods||Deceptive pop-up ads, free software installers (bundling), fake flash player installers, torrent file downloads.|
|Damage||Internet browsing tracking (potential privacy issues), displaying of unwanted ads, redirects to shady websites, loss of private information.|
|Malware Removal (Mac)||
To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
There are hundreds of rogue websites that deliver deceptive messages. In most cases, however, these pop-ups claim that the system is damaged (infected, missing files, or similar) and encourages users to purchase system fixing tools or to call and pay for 'tech support'.
Unwanted apps are usually very similar, mostly offering "useful features", but are designed only to generate revenue for the developers. Rather than enabling the features promised, they pose a significant threat to your privacy and web browsing safety.
How did potentially unwanted applications install on my computer?
Some rogue apps have official download/promotion websites. In most cases, however, they infiltrate systems without permission, since developers proliferate them using intrusive advertising and the "bundling" method (stealth installation of third party applications together with regular software).
Developers do not disclose "bundled" programs' installation properly - they hide these apps within "Custom/Advanced" settings (or other sections) of the download/installation processes. Furthermore, many users often rush these procedures and skip steps. In addition, they click various advertisements without understanding the possible consequences.
This behavior can lead to inadvertent installation of potentially unwanted applications - users expose their systems to risk of infections and compromise their privacy.
How to avoid installation of potentially unwanted applications?
To prevent this situation, be very cautious when browsing the Internet and downloading/installing software. Carefully analyze each download/installation step using the "Custom" or "Advanced" settings. During the process, opt-out of additionally-included programs and decline offers to download/install them.
You are strongly advised to download applications from official sources only (via direct download links) and avoid using third party downloaders/installers, since these tools often include rogue apps. The main reasons for computer infections are poor knowledge and careless behavior - the key to safety is caution.
If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.
Text presented in "Dear Safari User, You Are Today's Lucky Visitor" scam:
Dear Safari user,
You are today's lucky visitor for: September 7, 2018 (Seattle)
You've been personally selected to take part in our 2018 Annual Visitor Survey! Tell us what you think of Safari and to say "Thank You" you'll receive a chance to get an $1,000 Gift Card, IPhone X and other amazing deals!
All you need to do is to answer the folowing 4 questions to begin. Good luck!
Appearance of "Dear Safari User, You Are Today's Lucky Visitor" scam (GIF):
Another variant of "Dear Safari User, You Are Today's Lucky Visitor" pop-up scam:
Instant automatic Mac malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
- What is "Dear Safari user, You are today's lucky visitor" virus?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for macOS.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for macOS) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
▼ Show Discussion