On the Internet, trust no one. Or at least, as President Reagan famously said, “Trust, but verify.” In particular, whenev
The most recent example supporting this advice is the MAC Defender Trojan horse. As previously covered here at Macworld, after clicking a link to a site that comes up in a Google search, a message may pop up claiming that your computer is “infected.” At the same time, a ZIP file is downloaded to your Mac. If you’re using Safari, the file is automatically launched, unless you disabled the option to ‘Open “safe” files after downloading’ in Safari’s Preferences. The downloaded file turns out to be an installer for a supposed piece of software named MAC Defender. You are asked to purchase this software so as to fix the “infection.”
It’s all a scam. There is no actual program to install. The goal of the creators of this con is simply to get your money and credit card number.
After reports of the scam began circulating on the Web, the package was modified with a new name: MAC Security. It’s just as phony.
This is merely the latest in a series of similar scams. For example, as reported in an Apple Support Communities thread posted in January, Skype users may receive a false alert claiming: “ATTENTION! Security Center has detected malware on your computer.”
How can you tell if these warnings are phony? What should you do if and when you receive one?
For starters, assume that all such unfamiliar messages are scams. Better safe than sorry. There are no legitimate error messages in Mac OS X or Safari (or any other Internet-connected software that I have ever used) that directly link to unrelated third-party sites. If the third-party site requests any personal information, from an email address to a credit card number, be even more suspicious (if that’s possible).
Don’t click on any links included in such messages. Don’t install any software that accompanies the message. Don’t provide any personal information at all. In fact, don’t do anything that the message requests that you do. Just ignore it and discard it.
Similarly, beware of phishing scams in emails that you receive. If you get an email, even from a website that you frequent (such as Facebook or PayPal), that includes a link to login to the site: beware. It could be a fake message taking you to a phony site—all designed to trick you into giving scammers your username, password, and/or credit card number.
Sign up for CIO Asia eNewsletters.