Apple update iPhone’s Safari to prevent “scareware” scam

ByCraig Haley

IPhone users are urged to update to the latest version of the Safari browser if they haven’t already as it patches up a security loophole that allows scammers to lock the mobile browser with scareware ransom demands.

The scareware campaign would manifest itself as a pop-up appearing in the Safari browser. The pop-up would claim that the phone was locked because the user was identified as having browsed “illegal pornography” and that the victim would need to pay a fine in order for the phone to be unlocked.

This is a common scareware ploy that both mobile and desktop users may be familiar with. The scareware purports that the device is locked (or the files have been encrypted) but this is just a trick to lure victims into paying up. The device isn’t really locked, unlike with genuine ransomware that actually does encrypt your personal files.


Sponsored Content. Continued below...




Technically apt users would soon realise that they could clear the cache settings in Safari through the iPhone’s main settings section (Settings > Safari > Clear History and Website Data) to effectively remove the scareware campaign. However non-technically inclined users may not realise how to do this and in some cases may have been alarmed enough into paying the fee (payable through a $100 iTunes top-up card.)

The scam exploited a security loophole related to Javascript, a scripting language many websites use.

However with the iOs 10.3 update, this exploit is fixed, by preventing spammy pop-ups from taking control of the entire Safari app, thus allowing iPhone users to browse away from any offending website using an alternative “tab”.

Remember, if a pop-up window appears in your browser demanding you pay a fine to “unlock” your phone – even if that demand appears to come from the police – don’t pay! It is probably just a scareware pop-up, which can be removed.

So if you haven’t updated already or manually plan your updates, get Safari updated soon.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)