What is "Your Mac is heavily damaged! (33.2%)"?
"Your Mac is heavily damaged! (33.2%)" is a typical scam (fake virus alert) that is distributed through a deceptive, dubious website. The main purpose of this scam is to trick people into downloading a potentially unwanted application (PUA) called Mac-Tweak-Pro by displaying fake notifications about 'detected' viruses/infections.
Typically, people do not visit websites of this type intentionally - they are redirected to them by other installed PUAs. In addition to unwanted redirects, these apps often feed users with intrusive advertisements and gather information.
This deceptive website displays a pop-up window informing users that immediate action is required. It states that a website has detected a trojan virus (e.tre456_worm_osx) and encourages users to remove it. A website behind this pop-up informs visitors that their Mac computers are infected with three viruses: two malware infections and one phishing/spyware computer infection.
To avoid further system damage (data loss), which according to this website is already 28.1%, these infections must be removed immediately. It is also stated that personal and banking information is at risk as. All visitors to this website are urged to scan their computers by clicking the "Scan Now" button within five minutes, otherwise detected viruses will cause permanent damage.
Once the button is clicked, this website begins a fake scan that (when complete) states that the Mac computer is heavily damaged (33.2%). It states that it has detected Tapsnake, CronDNS, and Dubfishicv viruses and encourages users to download Advanced Mac Cleaner.
In fact, when the "REMOVE VIRUSES NOW" button is clicked, it downloads the aforementioned Mac-Tweak-Pro app. No tools promoted using untrustworthy websites should not be downloaded, installed, or used.
Potentially unwanted apps cause redirects to dubious websites, deliver intrusive advertisements, and collect data. They feed users with coupons, banners, surveys, pop-ups and other intrusive ads that are usually displayed on any visited website. Generally, they conceal website contents and, when clicked, open other untrustworthy pages.
Some might contain malicious content. Furthermore, intrusive ads (if clicked) can download and install even more unwanted apps. Another issue with PUAs is information tracking. They often gather entered search queries, IP (Internet Protocol) addresses, geo-locations, URLs of visited websites, and so on.
Some might also record personal information. PUAs developers continually share the data with other parties (potentially also cyber criminals). These third parties misuse the information to generate revenue. People with unwanted apps installed on their system can experience problems relating to browsing safety and privacy. In some cases, even identity theft.
|Name||"Your Mac is heavily damaged! (33.2%)" virus|
|Threat Type||Mac malware, Mac virus.|
|Symptoms||Your Mac is slower than normal, you see unwanted pop-up ads, you are redirected to dubious websites.|
|Distribution methods||Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers, torrent file downloads.|
|Damage||Internet browsing tracking (potential privacy issues), display of unwanted ads, redirects to dubious websites, loss of private information.|
|Malware Removal (Mac)||
To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Scammers use various deceptive websites to trick people into downloading and installing PUAs.
The "Your Mac is heavily damaged! (33.2%)" scam is similar to "Mac OS X Is Infected (4) By Viruses", "Apple.com-clean-os.live", "Your OSX 10.11 El Capitan Is Infected With 3 Viruses!", and many others. Websites that are used to promote scams might seem legitimate, however, they should not be trusted and the software should never be downloaded from them.
How did potentially unwanted applications install on my computer?
Unintentional downloads and installations of PUAs often happen when people click dubious, intrusive advertisements or download and install software. Developers commonly trick people into causing unintentional downloads and installations (together with regular software) using a deceptive marketing method called "bundling".
Typically, they hide information about the inclusion (bundling) of additionally-included apps in software download/installation settings such as "Custom", "Advanced", and so on. Furthermore, many people cause unintentional downloads and installations when they leave settings unchecked and unchanged.
How to avoid installation of potentially unwanted applications?
Download and install software carefully using official, trustworthy sources and direct links only. Avoid untrustworthy, unofficial websites, third party downloaders/installers and other such tools. Check "Custom", "Advanced" and other similar settings when installing or downloading software. Deselect offers to install unwanted apps and only then finish the installation or download.
Avoid clicking intrusive advertisements, especially on untrustworthy websites. If you encounter ads that redirect you to gambling, adult dating and other untrustworthy websites, check your browser for unwanted, unknown extensions, add-ons, and plug-ins, and remove them immediately.
Also check the list of installed programs installed on the operating system and uninstall any unwanted/unknown entries. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.
Text presented in a pop-up window displayed on this deceptive website:
IMMEDIATE ACTION REQUIRED
We have detected a trojan virus (e.tre456_worm_osx) on your Mac.
Press OK to begin the repair process.
Screenshot of a deceptive website encouraging to scan systems for viruses:
Text presented in this page:
AppleCare Protection Plan
Your system is infected with 3 viruses! Wednesday, March 20, 2019 10:53 AM
Your Mac is infected with 3 viruses. Our security check found traces of 2 malware and 1 phishing/spyware. System damage: 28.1% - Immediate removal required!
The immediate removal of the viruses is required to prevent further system damage, loss of Apps, Photos or other files.
Traces of 1 phishing/spyware were found on your Mac with MacOS 10.14 Mojave.
Personal and banking information is at risk.
To avoid more damage click on 'Scan Now' immediately. Our deep scan will provide help immediately!
4 minute and 32 seconds remaining before damage is permanent.
Screenshot of fake results (viruses) detected by deceptive website:
Text presented in this page:
Your Mac is heavily damaged! (33.2%)
Please download the Advanced Mac Cleaner application to remove 3 Viruses from your Mac.
Virus Name: Tapsnake; CronDNS; Dubfishicv
Infected Files: /os/apps/hidden/os-component/X/snake.icv; /os/local/conf/keyboard/retype.icv...
REMOVE VIRUSES NOW
Application: Advanced Mac Cleaner
Appearance of "Your Mac is heavily damaged! (33.2%)" scam (GIF):
Screenshot of Mac-Tweak-Pro potentially unwanted application:
Instant automatic Mac malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
- What is "Your Mac is heavily damaged! (33.2%)" virus?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for macOS.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for macOS) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.