Skip to main content
“Congratulations you won” virus popups removal from iPhone, iPad and Mac

“Congratulations you won” virus popups removal from iPhone, iPad and Mac

Beware of the “Congratulations you won” virus on iPhone, iPad or Mac and avoid the ensuing consequences by removing the sneaky infection from the device.

Bedazzled by a prospect of easy gain, many people forget that there is no such thing as a free lunch. Freebies and survey-related gift giveaways sure capture one’s imagination, but some of these are too good to be true and constitute outright frauds. Malicious actors out there are defiantly taking advantage of these nuances when orchestrating their hoaxes going viral on the Internet. When combined with malware, such a tactic becomes a highly effective con. One of these prolific scams zeroes in on iOS devices (iPhones and iPads) and Mac computers alike. Its technical gist comes down to the use of a perpetrating plugin that supports both mobile and desktop versions of Safari, Chrome and other popular browsers. This culprit displays iterative “Congratulations you won” popups during the victim’s Internet sessions, where the message is some kind of a prize claim.

There are several different types of these ads. One of the most widespread variants of the splash notifications pretends to be from Amazon (“Congratulations! Amazon.com User!”). In this scenario, the victim is duped into thinking they have been selected for a chance to get $1000 Amazon gift card, an Apple iPhone or some other high-end gadget. The idea is to persuade the user to tap OK, only to be redirected to a phony survey page that will encourage them to sign up for some junk service. It’s also likely that the landing page will ask for sensitive information, and some people who think that’s worth it run the risk of falling for an identity theft quandary.

Be advised that a great deal of ads from this category have a different wording. An example is the “Congratulations, you have won” introduction. The use of the present perfect tense instead of the past simple doesn’t make this particular iteration substantially different whatsoever. It’s still about the same old trick, where the victim is brainwashed into filling out a survey, subscribing to a new fraudulent service, downloading something malicious or potentially unwanted, or handing out too much personally identifiable data than they ever should. The catch is basically the same: a gift card worth a fortune, or some expensive mobile device most people would be happy to own.

Rather than pass themselves off as entities from Amazon, the adverts may alternatively pose as ones from Google. These are themed “Congratulations! Google User!” Again, the red herring element here boils down to the “good news” that the person is a lucky one and is entitled to a gift out of the blue. The listing of the purported presents is just as vanilla as in the other cases: a prepaid card worth a grand – possibly one from Walmart, or a fancy smartphone by Apple or Samsung. This isn’t the only persuasion trick, though. The popup also says, “Please click OK to claim your prize before we give it away to somebody else”. Obviously, a phrase like that puts extra pressure on the user and encourages them to unknowingly dive deeper into the hoax and follow the crooks’ tips without delay.

Of course, it’s flattering to read things like:

  • “Congratulations! Google User! You've been selected as a winner for the free iPhone X 256G”
  • “Congratulations! Amazon.com User! You’ve been selected for a chance to get the $1000 Amazon/Walmart gift card”
  • “Congratulations, you could be today’s lucky winner” on your Mac, iPhone or iPad.

The problem is, these ads are most likely counterfeit. Although the specifics in such notifications might vary (different vendors and gifts), the ultimate goal is to trick you into exposing confidential information via a questionnaire that’s an identity pilfering contrivance in disguise. As mentioned above, the other possible outcomes may include drive-by malware downloads and subscriptions that will charge follow-up fees behind one’s back.

With numerous versions of the fake “Congratulations you won” popups in rotation, they all have a common denominator. It’s a virus that affects the web browser on iPhone, iPad or Mac and coerces it to trigger the bogus ads over and over. In other words, this isn’t only an annoying predicament – it’s also a malware issue that results in the intrusive advertising. Therefore, the starting point in the troubleshooting process should involve a security cleanup of the infected iOS or macOS device and remediation of the browser problem.

iPhone virus popups manual removal in iOS

As per the anatomy of this hijack, settings of the web browser that may have gotten hit by the virus should be restored to their default values. The steps for performing this procedure are as follows:

  1. Safari troubleshooting on iPhone / iPad
    • Go to Settings and select Safari on the menu
    • Tap the Clear History and Website Data option

    • Confirm by tapping Clear History and Data. Check if the problem with Safari has been fixed. In the event the iPhone / iPad virus popups are still there, proceed to next step.
    • When on the Safari Settings screen, tap Advanced. Find the JavaScript entry there and toggle it off. This should solve the problem

  2. Reset Chrome on iPhone / iPad
    • Open Chrome browser, go to Settings and select the Privacy entry. Then, tap Clear Browsing Data

    • As the menu expands, make sure the following options are checked: Browsing History; Cookies, Site Data; and Cached Images and Files. Now, tap Clear Browsing Data and confirm before exiting. The popup and redirect activity should now stop in Chrome.

“Congratulations you won” popup virus manual removal for Mac

The steps listed below will walk you through the removal of this malicious application. Be sure to follow the instructions in the order specified.

  1. Open up the Utilities folder as shown below

  2. Locate the Activity Monitor icon on the screen and double-click on it

  3. Under Activity Monitor, find an item that appears suspicious, select it and click Quit Process
  4. A dialog should pop up, asking if you are sure you would like to quit the troublemaking process. Select the Force Quit option
  5. Click the Go button again, but this time select Applications on the list. Find the same dodgy entry on the interface that clearly doesn’t belong there, right-click on it and select Move to Trash. If user password is required, go ahead and enter it

  6. Now go to Apple Menu and pick the System Preferences option

  7. Select Accounts and click the Login Items button. The system will come up with the list of the items that launch when the box is started up. Locate the potentially unwanted app there and click on the “-“ button

Get rid of “Congratulations you won” popup virus in web browser on Mac

To begin with, settings for the web browser that got hit by the “Congratulations you won” virus should be restored to their default values. The overview of steps for this procedure is as follows:

  1. Reset Safari
    • Open the browser and go to Safari menu. Select Preferences in the drop-down list

    • Once the Preferences screen appears, hit the Privacy tab at the top. Find the option that says Remove All Website Data and click on it

    • The system will display a confirmation dialog that also includes a brief description of what the reset does. Specifically, you may be logged out of some services and encounter other changes of website behavior after the procedure. If you’re okay with that, go ahead and click the Remove Now button

    • In order to selectively clear data generated by certain websites only, not all of them, hit the Details button under the Privacy section of Safari Preferences

    • This feature will list all websites that have stored potentially sensitive data, including cache and cookies. Select the one, or ones, that might be causing trouble and click the appropriate button at the bottom (Remove or Remove All). Click the Done button to exit.
  2. Reset Google Chrome
    • Open Chrome, click the More (⁝) icon in the top right-hand part of the window, and select Settings in the drop-down
    • When on the Settings pane, select Advanced
    • Scroll down to the Reset settings section. Under the Restore settings to their original defaults option, click the Reset settings button

    • Confirm the Chrome reset on a dialog that will pop up. When the procedure is completed, relaunch the browser and check it for malware activity.
  3. Reset Mozilla Firefox
    • Open Firefox and select HelpTroubleshooting Information
    • On the page that opened, click the Reset Firefox button

Use automatic tool to uninstall “Congratulations you won” virus from your Mac

The Mac maintenance and security app called Combo Cleaner is a one-stop tool to detect and remove the “Congratulations you won” popup virus. This technique has substantial benefits over manual cleanup, because the utility gets hourly virus definition updates and can accurately spot even the newest Mac infections.

On top of that, the automatic solution will find the core files of the malware deep down the system structure, which might otherwise be a challenge to locate. Here’s a walkthrough to sort out the “Congratulations you won” popup issue using Combo Cleaner:

  1. Download Combo Cleaner installer. When done, double-click the combocleaner.dmg file and follow the prompts to install the tool onto your Mac.

    Download Now

  2. Open the app and let it run the update of malware signature database to make sure it can identify the latest threats.
  3. Click the Start Combo Scan button to check your Mac for malicious activity as well as performance issues.

  4. When the scan is complete and Combo Cleaner returns the results, click the Remove Selected Items button and have the utility remove the “Congratulations you won” adware along with any other viruses, PUPs (potentially unwanted programs), or junk files that don’t belong on your Mac.
6

Was this article helpful? Please, rate this.

There are no comments yet.
Authentication required

You must log in to post a comment.

Log in