On the Internet, trust no one. Or at least, as President Reagan famously said, “Trust, but verify.” In particular, whenever an unusual and unexpected message appears on your computer, be suspicious of its authenticity.
The most recent example supporting this advice is the MAC Defender Trojan horse. As previously covered here at Macworld, after clicking a link to a site that comes up in a Google search, a message may pop up claiming that your computer is “infected.” At the same time, a ZIP file is downloaded to your Mac. If you’re using Safari, the file is automatically launched, unless you disabled the option to ‘Open “safe” files after downloading’ in Safari’s Preferences. The downloaded file turns out to be an installer for a supposed piece of software named MAC Defender. You are asked to purchase this software so as to fix the “infection.”
It’s all a scam. There is no actual program to install. The goal of the creators of this con is simply to get your money and credit card number.
After reports of the scam began circulating on the Web, the package was modified with a new name: MAC Security. It’s just as phony.
This is merely the latest in a series of similar scams. For example, as reported in an Apple Support Communities thread posted in January, Skype users may receive a false alert claiming: “ATTENTION! Security Center has detected malware on your computer.”
How can you tell if these warnings are phony? What should you do if and when you receive one?
For starters, assume that all such unfamiliar messages are scams. Better safe than sorry. There are no legitimate error messages in Mac OS X or Safari (or any other Internet-connected software that I have ever used) that directly link to unrelated third-party sites. If the third-party site requests any personal information, from an email address to a credit card number, be even more suspicious (if that’s possible).
Don’t click on any links included in such messages. Don’t install any software that accompanies the message. Don’t provide any personal information at all. In fact, don’t do anything that the message requests that you do. Just ignore it and discard it.
Similarly, beware of phishing scams in emails that you receive. If you get an email, even from a website that you frequent (such as Facebook or PayPal), that includes a link to login to the site: beware. It could be a fake message taking you to a phony site—all designed to trick you into giving scammers your username, password, and/or credit card number.
As a rule, whenever I receive any such messages from known vendors, if I think there is any chance that the message is legitimate, I separately log in to the site, ignoring the provided link. If I truly need to perform the requested action, I should be prompted to do so.
The same rule applies to e-mail attachments. Be especially suspicious of unsolicited attachments from unknown senders. In this regard, Microsoft recently posted Security Bulletin MS11-036, describing a vulnerability in Microsoft PowerPoint that could “could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker… could gain the same user rights as the logged-on user.” You could be at risk by opening a suspect PowerPoint file that you received in an e-mail. On a Mac, the danger is limited to Microsoft Office 2004 and 2008 (not the latest 2011 version). An update to patch the security hole is in the works, and should be available soon.
This is the world we live in—where being skeptical typically pays off and being trusting too often leads to disaster. Still, I suppose it’s always been that way, at least as far back as when P.T. Barnum is purported to have said “There’s a sucker born every minute.” The technology keeps getting updated; the dangers stay the same.