Before I begin I have to say that these are becoming a favorite of mine now, so here’s yet another tech support scam. This one is quite different though because it disguises under Apple’s remote assistance website (www.ara.apple.com) where users go when they have an issue with their Apple computer and want to have a technician troubleshoot it using a service such as LogMeIn or TeamViewer. This scam is registered to a domain similar to Apple’s official remote assistance website (www.ara-apple.com) and tricks the visitor of the site into calling a phone number which presumably connects them to a scam center in India.
This tactic isn’t particularly new as there are many websites that tell the user to call a number or visit a website to “seek assistance”, but this one is different in the way that the bogus Apple assistance website the user visits starts providing them with .dmg downloads that they need in order to “begin the troubleshooting process”. It only gets worse from there as the user starts downloading malicious programs onto their computer and most likely does more damage to it than before. So much for assistance.
What’s also pretty funny is that the website is registered to some guy in Delhi, India and he used GoDaddy to register it. Malwarebytes, the organization which initially posted about this site just yesterday, reached out to GoDaddy in hopes of getting the site down.