Keep your guard up at ALL times – the baddies are out there…
As you know, I am a dyed-in-the-wool MacBook user and Apple lover – this weekend I think that love affair saved me from a very, very nasty and possibly crippling experience.
To tell the story properly and in full it’s probably best I give you context and start at the beginning – which was one week ago.
Part of the job
Apart from writing here most days on Medium, part of the ‘brand’ is my YouTube channel. On there, I make videos about very similar kinds of topics but often branch out to chat about Android as well.
So, part of running a YouTube channel, as it grows, is to try to attract sponsorship. These channels, certainly in the tech space, cost a lot to run. In the last month, I have bought both the iPhone 15 Pro Max and this week I will take delivery of the Pixel 8 Pro – those two purchases alone have cost me over £2000.
With Google in a bit of a mess right now – what with being in court on anti-trust charges and the whole invalid traffic mess (that I am caught up in) – earning money in an attempt to cover my costs is a necessity.
AdSense for a channel my size is the only way to start until you manage to gain the attention of sponsors – which is where this cautionary story truly starts.
Last Sunday I woke up and checked my emails on my iPhone in bed and there was one that caught my eye – a company were interested in sponsoring a video.
Not wanting to go any further on the phone, I waited until I was in the studio and read the email properly on my MacBook. As creators we get an awful lot of emails – most of them junk. Normally it’s ever so easy to spot the dodgy ones as they have bad grammar, are vague, and generic. As soon as I start to read that kind of email it’s a case of ‘block & delete’.
But this one was different – from a gentleman named Harper Alexander, it was ever so well-written, eloquent even and was an introduction explaining what they had in mind and asked if I’d be interested in collaborating with them – the brand they said they were representing was Fiji Water – a household name.
By habit, I always look at the domain before going any further. The domain checked out so I thought it was safe to respond. ‘Harper’ came straight back to me saying how happy he was that we could look to work together and referred to his ‘client’.
I’ve been working hard – ever so hard at this business since September 2021 and although I regret none of it, the journey has been bloody brutal at times.
This email came as a fillip – I thought at last my hard work was getting recognised and I was about to earn proper money. They agreed to pay $650 – 50% upfront and 50% once the video was live, with no link to views. Everything still sounded genuine enough to me at this point. There was a deadline of 15th October to get the video uploaded.
The links they gave me to check in the email were all links to the real Fiji Water – but I broke my first rule and didn’t check the domain from the ‘client’ – email@example.com – I know, I know, how could I be so stupid?
A week on I realised the idiot I was – I was so keen to run my first advert on the channel and recoup some money. In short, I fell for the honey trap.
I made the cardinal sin of downloading the supplied video files – all they asked was that I run the ad in the first 60 seconds of my video – easy – deliver the hook, then run the ad.
Honestly, I feel such a stupid fool as I write this, but if I can save just one person the anxiety I’ve had through this, writing this story will be worth it.
So, last Monday I shot the A-roll to my video – and get this, I went and bought a bottle of Fiji Water and had it casually in my hands through the video – I thought that would go down well and show how keen I was to work with them.
I carried on editing – I even sent them a screenshot of me holding the bottle and said I had to upload the video by Thursday morning latest.
I heard nothing back which was a kick – it seemed I had been ghosted – but hey, no worries, I guessed the fit just wasn’t right…onwards & upwards…
The moment of truth
Last Friday evening I recorded my podcast Minus Sixteen with Alex.
Our podcast generally follows the format of a quick catch-up, then talk gear and product and we finish up talking about the business of YouTube – and folks seem to like it.
I hadn’t spoken with Alex in a few days, so live on the podcast I told him about my exciting news…his face fell…oh sh%t – what have I done? Alex, being more experienced, knew instantly that I had been scammed – and you can see my reaction live.
I will give myself a tiny pat on the back for carrying on recording the podcast as if nothing had happened, whilst inside all I wanted to do was chat to Alex to find out how much trouble I was in – he was worried but said the one thing I had in my favour was that I was using Apple and was working on a Mac – and I think it was that which may have saved the day.
I came into the studio early Saturday morning with the words of Alex still ringing loudly in my ears. I was worried when, for no reason at all, iMessage on my MacBook Pro was asking me to sign in – even though I had changed nothing.
I am guessing you can imagine how I started to feel – had I been hacked? And if I had what could I do? Was I too late?
In my mind, it made some sense they’d go after my Apple ID as there was a bank card attached to it and all my passwords are in either Apple’s Password App or Keychain Access – if they had hacked into my iCloud account then maybe that was why iMessage was randomly asking me to sign in. It was the same on my other Apple laptop too – the M2 MacBook Air.
Last Saturday was supposed to be an easy day – edit and upload the podcast and that was pretty much it. Instead, it became a long, horrid, stressful day.
Time for change
First things first – time to change my Apple ID and my MacBook Pro password.
I was aware it may be too little too late – but I had to do something to protect myself. I have had the same Apple ID for over 5 years and truth be known, considering the gateway it represented to a ton of personal data – the old password was too simple.
I knew that re-setting it would be a pain – my complete ecosystem would need to be logged back in – Apple TV, iPad, iPhone, MacBook Air, Apple Music…the list goes on and on – but that aggravation was a very small price to pay if it protected me.
And with the ‘in for a penny’ mentality coursing through me I decided to change the MacBook Pro login password as well – I had to take the belts and braces approach.
What else could I do? Thank god I had Clean My Mac installed – I knew it had a Malware Removal feature so I ran that. I can tell you the wait the first time it ran its scan was insufferable – thankfully nothing was found.
After creating my new Apple ID – this time suggested by Apple’s Password app and far more secure – iMessage continued to be an issue.
I’ve had mixed dealings with Apple support, but on Saturday the agent I dealt with was brilliant – patient and thorough. I had no warranty left, so I wasn’t sure how I would get on when I called them – but that was never a problem.
Although at first we had some issues connecting a screen share session, eventually we managed it. They took a look around and could see that some kernels and data had been left behind in Keychain after I re-set the password – normal apparently. I was warned that I would need to sign back into my email accounts and they just wanted to check I had those credentials and then walked me through the steps of what needed to be done.
Later Saturday I noticed that iMessage wasn’t in sync with my iPhone – obviously, I was nervous.
I called Apple support one more time and this time it was explained to me that because I had re-set the Apple ID in macOS it could take up to 24 hours to settle down. They suggested waiting and if there was still an issue on Sunday to call back. iMessage on my iPhone seemed fine.
As of today luckily everything seems to be okay.
Not out of the woods
I know it is still early days and I am being ever so cautious.
I am running Clean My Mac’s Malware Removal several times a day right now and will continue to do so for a while to come. I know it’s not an answer to everything…but it’s something right?
I am glad I went through the hassle of resetting my Apple ID – I feel much safer now. I had not given serious thought to the key to the treasure chest that your Apple ID is – make sure your password is a strong one, please!
Where I used to think 2FA was a right pain in the arse, every time it comes up now I could not be more relieved. If someone is trying to log into my Google account or YouTube channel I will be notified on my phone.
The same is true with my Apple ID and Adobe’s Creative Cloud. What I once thought was a nuisance I now relish and embrace with both hands. After all – once burnt…
Apple suggested making certain that no unusual purchases were made in the App Store over the next few days and thankfully only my business bank account details are on that MacBook Pro as I use the app on my iPhone for my personal banking.
Silly I know, but just now Universal Control dropped – I’ve had that happen beforehand and never thought anything of it – today though there was a voice inside saying ‘Oh no’! As ever a quick reboot and all is fine.
Learn from my stupidity
What I have gone through since Friday has taught me a lesson.
Here is me trying to hack a living in the tech space and even I got caught. I tried hard to be vigilant and cautious but vanity and the need to earn a living won out.
I had to use a RAR extractor to get into the video folder in the first place. I was used to that as I had used RAR extractors many times to grab music files from producers and artists, so that didn’t raise any alarm bells – it’s simply a method of compressing large folders.
Thinking back there was one folder I couldn’t open – the folder that had the ‘contracts’ in just wouldn’t open – potentially the fact that even my MacBook and Apple’s macOS couldn’t get into that folder may have saved the day.
What they were looking for, who knows. I am guessing they were looking to leave some trojan horse in my system, and I’ve heard that these criminals are often looking to hack passwords or look for crypto wallets. If they manage to get into your system they let you know via Telegram asking for a $1000 release fee.
I am still nervous and will be cautious for some time to come. Apple has long played the privacy and security game and we know that macOS is harder although not impossible to crack.
This weekend more than at any other time I am so happy I am part of the Apple walled garden. I don’t want to shout too loudly, but maybe being an Apple user and on a Mac saved me big time!