A little over a year ago, we posted an article here on the OWC Blog that talked about why an anti-virus program on a Mac might not be a bad idea. As you can guess, it wasn’t particularly well-met.
While in the Windows world, you can hardly log on to the Internet without encountering malware of one kind or another, we here on the Mac side of things have made it through relatively unscathed, especially under OS X.
At this time, there are still no actual viruses for OS X out there “in the wild;” there have been some shown in demonstration but most, if not all, of them required actual physical access and/or a manual installation in order to work.
There are, however, reports of “trojan horses” out there, most notably as of late “MAC Defender,” which poses as antivirus software that you download and install.
So while you may not get a virus from opening an email, you can install something pretty darn awful if you’re not careful. But, at least on a Mac, viruses and trojan horses are kind of like vampires: they can’t come in unless you invite them—with your admin password unlocking the door.
Don’t be complacent.
Just because we’re relatively safe from most malware out there, it doesn’t mean we should blindly open every file we come across and install each little piece of software. A little common sense and a proactive approach will go a long way in keeping your Mac safe…and to us is the best Mac anti-virus program available today.
1.) Be aware of what you’re downloading and mounting.
By default, Safari in Mac OS X will mount a disk image it has downloaded, as well as open other archives and such. Turn that option off immediately! Just go to Safari>Preferences, click the “General” tab and uncheck the “Open ‘safe’ files after downloading” option. Now, to open something downloaded from the Internet, you must actively choose to do so.
Firefox has a similar option in its preferences. Go to Firefox>Preferences, click the “General” tab and check the option to “Show the Downloads window when downloading a file.” Now, every time Firefox downloads a file, you have to manually tell it what to do, including an option to cancel the download.
2.) Trust no one.
The “MAC Defender” trojan runs by first showing a fake “Virus Scan” window, then telling you that your computer is infected. Then you download it, and the real “fun” begins – opening windows and sites randomly and then asking for a credit card.
I never got the whole “automatically scanning/download this” scam. If your computer is scanning and found this software, then it should be capable of removing it. If you don’t have something to remove it, how would it see the virus in the first place? Classic “chicken & egg.”
Secondly, the name should be a dead giveaway. Most reputable companies know that “Mac” is not an acronym; it’s short for Macintosh and therefore not written in all caps. The vast majority of the time, the only people who refer to the Macintosh platform as “MAC” are Windows users trolling for Mac/Windows flame wars in forums or other people generally ill-informed on the platform. Frankly, I’d be a bit leery of installing software from someone who couldn’t even get the name of your computer right…
The lesson to learn from this is that unless you know the place you’re getting software from to be a reputable source, skip it – especially if they “come to you” trying to get you to download it.
3.) Make installing that much more difficult.
Over time, we tend to get a little complacent about entering our username and password on our computer. Unfortunately, that complacency can prove problematic down the line. If your main account is an Administrator, all you need to do to install something is type in your password – something that most of us can now do almost reflexively. A “regular” user account can’t install software; you must enter the username and password of an admin to install.
So, as an added step to preventing unwanted software from getting installed, it is recommended that you actually create an Administrator account that’s only used for installing software and use Standard account for your day-to-day work.
That way, if something wants to install, you’ll have to pause a little more and think about it before proceeding – especially if you make your Administrator’s username and password something you really have to try and remember. That will also give you a moment to ask yourself, “what am I actually installing here?”
4.) Don’t pass it on.
This is actually more for protecting your Windows friends than protecting yourself: don’t forward emails/chain letters/funny pictures/et cetera; there is way too much potential for that email or picture to have some nasty code hidden inside.
If you absolutely must pass on that animation of the penguin smacking the other one in the head or something that will bring you great fortune if passed on to 15 others, then create a NEW email and manually re-type the message/re-save the image, then add all your recipients in the BCC field. That way, none of the previous recipients’ emails, nor those that you’re sending to get distributed to someone who’s computer does have a virus.
Or, you can do what I do and just dump that garbage in the Trash without even opening it…
5.) Determine if anti-virus software is really necessary.
In most cases, your answer will be “no,” but if you’re exchanging a large number of file attachments with Windows users, then it may be worthwhile to invest in some anti-virus software.
While your machine may not be able to be infected with a Windows virus, there is the possibility of sending an infected file on to another Windows user. At the very least, you can reduce the odds of you getting blamed for sending that infected file.
However, this is really only necessary in extreme cases. Under most circumstances, all that AV software will do is eat up processor cycles.
Stop and Think.
While the Mac is a relatively “safe” computing platform, its growing market share will make it more of a target in time. However, as long as you keep vigilant and use a little common sense to think things out before installing apps you don’t know, you should be able to keep your Mac safe for a good long time.
I’ve been trying to get a number of things done for my iPhone and I have not gotten any results can you please send me a link to get this resolved thank you isn’t our iPhones supposed to be the best thing on cyber security
this is now 10 years old. Should not come up in “related links” to current articles.
I’m not gonna be able to get the trashy people out of my iPhone because I have no idea how they are doing it
isn’t there still a need to filter incoming attachments, emails, and other traffic for scams, spam, phishing, trojan horses, etc.? We’ve been looking at small standalone hardware devices to use with Apple’s “firewall” and our DSL modem’s added protections since I still feel a need for more safety than your column recommends….
What software or hardware systems DO you recommend for 2-4 Macs on a hardwired ethernet LAN?
If I get one of those “scanning dialogs”, I force quit my browser. Think I trust them not to install something if I click ‘Cancel’ rather than ‘OK’?