Hackers Hijacked Your Calendar, Infected Your Battery POP-UP Scam (Mac)

What kind of scam is "Hackers hijacked your calendar, infected your battery"?

It is a deceptive message displayed by an untrustworhty page. Users do not visit scam websites like this one intentionally. Most of these pages display fake notifications suggesting that a device is infected with viruses. They are created to trick visitors into installing rogue applications and visiting other untrustworthy websites.

"Hackers hijacked your calendar, infected your battery" scam in detail

This particular website is designed to display a fake system notification stating that a device is infected with malware and encouraging to remove the detected threat. The main message in the background claims that a device is infected with more than a hundred viruses targeting the Calendar application and photos.

The main purpose of this scam website is to trick visitors into believing that if they do not remove detected threats immediately, they may affect the Calendar app, photos, and battery and cause other damage. In order to remove detected viruses, this page offers to download and install an application called HotVPN Fast & secure.

It is worth mentioning that this scam website may offer to download legitimate applications. However, it does not mean that this website can be trusted. It may open download pages for adware and other unwanted, even malicious software. Therefore, it is strongly recommended to ignore this and similar scams.

It is known that this page is used to promote other scam pages suggesting that visitors have won the iPhone 12 Pro. It is likely that those scam pages are designed to trick visitors into providing personal information like credit card details and transferring money (e.g., paying shipping, administration, or another fee).

It is common that scam websites that use scare tactics to trick visitors into downloading and installing various software, visiting questionable pages, etc., are promoted through shady advertisements, various untrustworthy websites, or unwanted applications. In other words, users do not visit these sites intentionally.

More about rogue apps

It is strongly recommended not to have any apps of this kind installed - apps of this kind often are designed to collect various information and display advertisements. Quite often, they gather IP addresses, entered search queries, geolocations, and other data of this type. Although, some shady apps collect sensitive information like login credentials, banking info.

Also, these apps can display banners, coupons, surveys, pop-up ads, and other unwanted advertisements designed to promote questionable websites or distribute (download, install) unwanted applications by running certain scripts. Advertisements displayed by installed potentially unwanted applications should not be trusted.

Threat Summary:
Name	Hackers hijacked your calendar, infected your battery pop-up
Threat Type	Phishing, Scam, Mac malware, Mac virus
Fake Claim	Device is infected with 129 viruses
Related Domains	secure-inform[.]space, security-info[.]space, product-quality[.]space, guidesite[.]info
Promoted Unwanted Application	HotVPN Fast & secure
Symptoms	Your Mac becomes slower than normal, you see unwanted pop-up ads, you are redirected to dubious websites.
Distribution methods	Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers, torrent file downloads.
Damage	Internet browser tracking (potential privacy issues), display of unwanted ads, redirects to dubious websites, loss of private information.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

This scam page in general

In conclusion, this scam website uses scare tactic to trick visitors into downloading and installing a potentially unwanted app and visiting pages designed to extract personal information or money. More examples of similar scams are secure-inform[.]space, dency[.]site, and ustrack[.]online.

How did unwanted applications install on my computer?

It is popular to distribute unwanted applications by including them in downloaders, installers for other (typically, free) programs. This distribution method is known as "bundling". It works when users finish downloads, installations without checking certain settings that can be used to decline unwanted offers.

Typically, optional downloads, installations can be deselected in "Manual", "Advanced", "Custom", and other similar settings, or by unticking ticked checkboxes that downloaders, installers have in them. In some cases, rogue apps are distributed via deceptive advertisements by designing them to run certain scripts.

How to avoid installation of unwanted applications?

Downloaders and installers with checkboxes or "Manual", "Custom" and "Advanced" or other settings often include offers to download or install unwanted applications. Therefore, the aforementioned settings should be checked (and unwanted offers declined) before finishing downloads and installations.

Software (and files) should be downloaded only from official websites and through direct links. Other sources like third-party downloaders, unofficial pages, Peer-to-Peer networks (e.g., torrent clients, eMule), free file hosting pages should not be used. Third-party installers should not be used too.

Also, it is recommended not to click advertisements that appear on various questionable sites. Those ads could be designed to open untrustworthy websites or cause unwanted downloads, installations. Suspicious extensions, add-ons, or plug-ins installed on a browser (or programs of this kind installed on the operating system) should be uninstalled. If your computer is already infected with rogue apps, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Text in the fake system notification:

(1) SYSTEM NOTIFICATION
Malware detected. Hit OK to repair.
OK

Screenshot of the background page:

Text in the background page:

Apple Security Wednesday
4 August 2021
(129) Viruses have been detected on your iPhone - hackers hijacked your calendar, infected your battery and trying to steal your photos.

If you do not remove this malware now, it may cause more damage to your device. How to fix this:

Step 1: Tap the button below & install the recommended AdBlocker and virus protection tool free from the AppStore.

Step 2: Run the app, follow on screen instructions to remove malware and repair your phone remotely.
01 minutes and 28 seconds
Remove Virus
Detected By Apple.

Screenshot of the promoted application:

Screenshot of the promoted scam website:

Text in this website:

iPhone 12 Pro
Congratulations!
You have won the iPhone 12 Pro!

One Final Step:
To claim your prize please scan this QR code with your mobile phone's camera.

You will get a link to your iPhone!

Screenshot of the another promoted scam website:

Text in this website:

iPhone 12 Pro
Congratulations!
You have won the iPhone 12 Pro!

One Final Step:

To claim your prize please scan this QR
code with your mobile phone's camera.

You will get a link to your new iPhone!

Desktop appearance of "Hackers Hijacked Your Calendar, Infected Your Battery" pop-up scam (GIF):

To enable pop-up blocking, fraudulent website warnings, and remove web browsing data in mobile Apple devices, follow these steps:

First, go to "Settings", and then scroll down to find and tap "Safari".

remove pop-ups and clear cache step 1

Check if the "Block Pop-ups" and "Fraudulent Website Warning" toggles are enabled. If not, enable them immediately. Then, scroll down and tap "Advanced".

disable pop-ups and clear cache step 2

Tap "Website Data" and then "Remove All Website Data".

disable pop-ups and clear cache step 3

Instant automatic malware removal:

Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:

DOWNLOAD Combo Cleaner

By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Quick menu:

What is Hackers hijacked your calendar, infected your battery pop-up?
How to identify a pop-up scam?
How do pop-up scams work?
How to remove fake pop-ups?
How to prevent fake pop-ups?
What to do if you fell for a pop-up scam?

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

Example of a pop-up scam

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is a pop-up scam?

It is a scam where a deceptive website shows a fake virus warning, error alert, or another message to trick unsuspecting visitors into performing certain actions.

What is the purpose of a pop-up scam?

Scammers use pop-up scams mostly to promote shady (or legitimate) apps, extract personal information or money, or obtain remote access to devices.

Why do I encounter fake pop-ups?

Users open web pages that show fake messages via untrustworthy ads, notifications from dubious pages, or sites that use rogue advertising networks. Advertising-supported apps can also open such pages.

Will Combo Cleaner protect me from pop-up scams?

Combo Cleaner will scan visited websites and detect untrustworthy ones, including sites designed to show fake pop-up messages. It will show a warning when a website of this kind is visited and restrict access to it.