Everything you need to know about Mac scareware
How to spot fake Mac security software, how to get rid of it and what to do to stay safe
Computerworld - You'd think it was the end of the world.
The fact that Mac users have fallen victim to "scareware" scams -- the kind that have long plagued Windows users -- shouldn't come as a surprise. After all, fake antivirus software schemes like MacDefender don't have to rely on exploitable vulnerabilities, but instead typically depend on tricking users into visiting malicious sites and duping them into installing the software.
And Mac users, for all their pretensions otherwise, are as fallible as the next person.
But from the news accounts this month about MacDefender, and the posts not only on Mac-specific blogs but also on ones usually devoted to Windows, you could be forgiven for thinking that Macs are suddenly the victims of choice.
They're not. Windows machines remain the most common target because, well, globally Windows PCs outnumber Mac OS by more than 16-to-1.
What is true is that Mac users now face the same scareware scams that Windows owners have had to deal with for years.
So what's the deal? Macpocalypse or not? And what should you watch for, and what can you do to keep safe?
Those are the questions we try to answer.
Is MacDefender a worm? Nope. Although MacDefender and its ilk fall under the general term "malware" -- as in, it's malicious in some way -- it's not a virus, not a worm, not a true Trojan horse.
Instead, its one of a long line of "scareware" or "rogueware," terms that apply to fake -- hence "rogue" -- software that tries to spook you -- that's the "scare" -- into paying for a worthless program.
The labels are usually slapped on phony security software that claims a computer is heavily infected with worms, viruses and other malware. Such software nags users with pervasive pop-ups and fake alerts until they fork over the "registration" fee, which in MacDefender's case ranges between $60 and $80.
The criminals monetize their work by collecting these fees. And it's a profitable trade, at least where Windows scareware's concerned. Back in 2008, SecureWorks, now owned by Dell, said that some bad guys were making as much as $5 million a year shilling scareware.
So MacDefender isn't hacking my Mac? No. Although scareware targeting Windows has been known to silently plant itself on PCs after other malware first exploits a security vulnerability in the OS or other software, MacDefender doesn't.
That's a possible future move, of course, assuming attackers spend the time digging up an unpatched vulnerability in, say, Mac OS X or a browser like Safari or Firefox, and then write an exploit.
So how do Macs get infected with things like MacDefender? Easy, they dupe users into doing the job for them.
- Apple has bigger plans than just song ID with Shazam deal
- Mac Pro shortage sets record as worst Mac production debacle
- Apple slates WWDC for June 2-6, sets up ticket lottery
- Apple patches Safari's Pwn2Own vulnerability, two-dozen other critical bugs
- Microsoft's free OneNote vaults to top of Mac App Store chart
- Apple discounts iPhone 5C 8%-9% in five markets via storage cuts
- Apple hands stock worth $12.1M to top execs in retention deal
- Hands on: Apple's Mac Pro is the fastest Mac ever
- Apple CFO to retire in September after he cashes in $53M stock award
- Apple's CarPlay to spark mobile apps war in your car
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts