cover image cover image blurred
March 02, 2015

Safari Javascript Pop Up Scam

Recently a friend sent me a link showing that my mac app is being torrented and the link opened several tabs one of which started an infinite popup loop. The message displays a scam asking people to call a number for support to fix the issue. We're dealing with real lowlifes here. They likely operate overseas and shutting these operations down I assume is a jurisdiction nightmare. The real question is why in the world does Apple allow Javascript pop ups in Safari to be completely blocking. 

But first on to the solution

The pop up blocks access to the close button but we can easily force-kill Safari from the activity monitor. Of course I had about nine million important tabs open and didn't want to lose them with a fresh Safari restart. Searching online some suggest trying to trigger Command-W quickly after pressing enter before the popup regenerates. Command-W normally closes the active tab but in my case I could never get it to trigger fast enough. 

Steps to stop the popup while retaining current session

1) Open the "Activity Monitor" app and force-kill Safari
2) Hold down shift while re-opening safari (This starts a blank session but don't worry)
3) Open preferences (Command-comma), go to the "Security" tab and uncheck "enable javascript"
4) Go to "History" and "Reopen All Windows From Last Session"
5) All pages should be back including the offending popup page, be sure to go close that tab.
6) Go back to preferences and re-enable javascript (It's necessary for the modern web)

Why is this even possible

If you encounter a site like this while using Chrome or Firefox you'll still experience the popup but the browsers behave reasonably and allow you to stop further popups. It's insane that Safari hasn't addressed this issue, it can't be that difficult of a fix and it would quickly shut down this kind of scam. I'd go even farther and say let's just deprecate alert boxes. It's 2015 and an in tab modal is basically always a better choice than an alert window. Here is an interesting discussion on Quora about the issue. There are tens of thousands of views on the Apple Discussion Forum threads regarding this issue Apple clearly needs to address. People suggest reporting the scam to Apple but why go after the scammers when Apple could fix the actual software issue.

If you enjoyed this post subscribe below for occasional updates and goodies.
comments powered by Disqus