Don’t Click! Malicious Phishing at uuchurch.org for iPhone/Apple Users

Note: This has been fixed. Please see Update on Phishing Hack.

University Unitarian Church was recently made aware of an attempt to coerce visitors to our website into installing malicious software on their mobile Apple devices, e.g. iPhones. When you visit uuchurch.org, regardless of what browser you use, a pop-up may appear that takes you to a page warning you of a security threat to your phone and asking you to download software to make visiting our site safe. (This only happens if you point your browser to “uuchurch.org” and not if you point it to “https://www.uuchurch.org.” The “s” at the end of “https” stands for “Secure.”)

This is an attempt by hackers to get you to click on their website and download software that will most likely attempt to collect personal data like credit card numbers or bank account information. We are working with our IT company to get this addressed, but in the meantime, we are asking that you do not click on any pop-up that appears when you visit uuchurch.org. If a window like this does open, please close it immediately.

We thank you for your patience and understanding as we work to address this issue.


You may see pop-ups that look like the below. Again, don’t click on anything in the pop-up; just close the browser window.

https: //saumeechoa.com/?rzi=... We want to make sure that you are not a robot: ...
Apple Security CRITICAL THREAT! Your Apple iPhone has been infected with 21 viruses after visiting...

3 Responses

  1. Nick Barnard says:

    This response is unacceptable. Having a site that is dangerous to users and simply posting a warning is the equivalent of having a room which has a floor covered in shards of broken glass, while mitigating the issue by posting a small sign inside the room that anyone entering the room should be wearing closed-toed shoes with ample leather soles. This announcement does nothing to properly mitigate the issue. UUC should have remediated the issue on its server promptly, within eight hours, or the website should have been taken offline. (The suggested mitigation of only accessing the site over https most likely means that the site is still infected; only the user’s web browser’s protection of preventing elements served over http from being present on a page served over https is protecting users accessing the site via https.)

    (I’ve sent a more detailed email to Jon Luopa and the Board of Trustees.)

    • UUC Staff says:

      Thank you for your thoughtful comments, Nick. I appreciate your and others’ patience as we continue to work with our IT company to get this addressed, as we mentioned in the original post. Contracting with IT professionals, which we do not employ on staff, is our response to the matter. Our post was only meant as a notification. You are correct, an announcement is not mitigation. Mitigation is what we are in the process of finishing this morning. More information will be posted soon to amend our original post with current status. -Byron Krystad, Director of Operations

  2. UUC Staff says:

    This was fixed yesterday afternoon. Please see May 11, 2022 post, https://www.uuchurch.org/2022/update-on-phishing-hack/.
