Simple common sense

Posted: June 22nd, 2011 | Author: | Filed under: Internet, Mac | No Comments »

A few weeks ago there was a great hullabaloo about the first large-ish scale trojan to hit Mac OS X. MAC Defender and its variants were heralded as the first in a wave of threats against the Mac platform, and proof that we Mac users were about to be knocked from our smug high horses.

Well, let’s get this into perspective. OS X is now nearly 10 years old, and this is the first instance of a piece of malware running wild. And the thing is, it’s entirely avoidable (as are many Windows infestations) by using simple common sense.

Here’s a picture of a MAC Defender window.

MAC Defender

MAC Defender, from Arstechnica.com (click for large version)

This scary looking window relies purely on social engineering to make you accept its warnings. It looks like an official window, but is it? Look closely.

Firstly, there’s its name – MAC Defender. Macs are Macs, not MACS. Why the capitalisation? Then read the text. It is littered with grammatical errors and non-sensical sentences – “The largest worldwide companies trust MAC Defender their nets and security”, for example. Does this look like the work of an official product, or a bunch of scammers?

Then consider the ultimate purpose of the application – to harvest credit card numbers by making you buy their product (amusingly the window pictured shows the words “credit card” capitalised, as the creators of this trojan promise to protect you from exactly what they’re up to).

Simple common sense dictates that you do not ever type your credit card information into something that has appeared on screen unbidden.

You can protect yourself more though. A glaring flaw in the Mac’s security has always been Apple’s decision to allow downloads to open automatically. This is what has allowed this malware to infect people – visit an infected page, or click an infected link, and not only does the malware download but is able to open. You can protect yourself by turning this option off in Safari.

 

Safari preference window

Safari preferences

Make sure that the last option “Open safe files after downloading” is unchecked. Now whatever is downloaded to your machine, by choice or by not, will remain in your downloads folder until you choose to open it. If in doubt about where something came from, don’t open it. Simple common sense.



Leave a Reply