I recently read an article on MacDefender ( Thomas Reed [ Reed Corner Design] http://www.reedcorner.net/news.php/?p=82 ) after someone I follow on Twitter posted the link.
The article is a well described explanation of how the creators of this ‘scareware’ have used a flaw in the Safari browser security to attempt to get users to install a fake Anti Virus software. It appears, from the article, that the people behind the ‘scareware’ are still using Windows OS screenshots to try and trick OS X users into installing the software but I’m sure that they will change these to OS X like screen shots in the near future.
As with most of the scare stories about malicious content for OS X, it appears that the software can only get on your machine if you give the software permission to install.
From what I have heard and read the simplest way to protect yourself from such attempts to compromise your OS X machine is to disable the setting in Safari that allows known ‘safe’ content to be run on download:
Choose Preferences from menu
Select General tab
untick “Open ‘safe’ files after downloading”.
I would like to state that at the point of writing it appears that the web pages that produce the scare page are reported to show a windows screen not an OS X screen, the software may be downloaded automatically and unpacked but the user still needs to provide authentication for the software to run. There are loads of things that users should realise are wrong and they should not be giving any software from an unknown and entrusted website permission to install software.
I do however understand that after all the scare stories in the press people panic and think they are doing the right thing. People follow instructions blindly when they are in a panicked state and the creators of this type of attack rely on this to get users to compromise the OS X security themselves.
I know of one person who was affected by this and has been a Mac user for many years, so I sympathise with anyone who was caught out.
My wife has had something similar appear on our Windows laptop and was smart enough to close it down or call me for assistance.
The people behind this ‘scareware’ try to trick Windows and OS X users into compromising the security of their own computers by frightening the user into installing the software for them. Protect yourself by thinking through your actions before you do anything.
Would you let a stranger in your house if they knocked on the door & said they had seen a burglar, would you? there’s no difference, stop and think before you act, ask for assistance from an IT support person if unsure.
Keep safe people.