Mac Malware and Scams are on the Rise

Mac Malware and Scams are on the Rise

Recently, I've been hearing from quite a few clients that think their Macs are infected with viruses because their Macs are not running optimally. Although there are no known Mac viruses in the wild, there is malware out there that will make your Mac act strangely. Unfortunately, just like the story from antiquity about the Trojan Horse being let into the city gates by the Trojans as a “parting gift” from the Greeks only to have said Greeks spew out of it at night to sack the city, you can introduce malware to your Macs by going to “less than reputable websites” and downloading software that promises all kinds of things in exchange for your Mac’s password to install it. You can avoid most malware by not downloading software from questionable websites or websites with which you’re not familiar.

Just last week, a new client was referred to me by a mutual friend because her Mac suddenly started alerting her that she was at risk and that she needed to visit a certain website or call a toll free number to resolve the issue. The notification she received indicated that it was urgent and insistent that she should call the Tech Support number shown on the screen. When she called, the foreign “customer service representative” offered to fix the issue for $200 and needed her credit card number before he could help her. To add insult to injury, the “customer service representative” was able to convince her to allow him to log into her Mac and she even gave him her Mac’s master password! This fake tech support scam is simply a “human engineering” scam that preys on people’s fears about computer viruses. Fortunately for my client, she did not give the “tech” her credit card number! Since the “tech” had her Mac’s master password, he potentially had access to her Keychain Access program and its stored logins and passwords as well as any passwords stored in Apple’s own Safari web browser. I did advise her, however, to log into all of the websites she frequents (e.g. bank websites, social media sites, other websites, etc.) and change all of her passwords so that each website has its own unique password that she’s not used before. The “tech” also directed her into the Terminal app, so he had access to the Mac’s operating system’s underpinnings. I took care of that for her by wiping her drive and installing a fresh copy of the Mac operating system and reinstalling her user files (paying close attention to those as well so as not to reintroduce anything that that “tech” may have changed while logged into her Mac).

How do you know if you have malware installed on your Mac? Well, what will likely happen is you will visit a website which will generate “pop up” windows that stay active in your web browser. An example of these pop ups is MacKeeper or CleanMyMac. Both of these pop ups will try and instill a sense of fear that your Mac is running less than optimally or has otherwise been compromised. Coincidentally, if your Mac is sluggish because you don’t have enough RAM in it (have you been seeing the Rainbow Pinwheel a lot lately?) or you haven’t restarted your Mac since Steve Jobs’ last Macworld Keynote Address, you may see those pop ups and genuinely think you have a problem and be tempted to download and install either or both of those programs. All you need to do is close all the windows in the browser you’re using (e.g., Safari, Firefox, Chrome, Opera, etc.), then quit and relaunch that browser. It's important to close all the windows before quitting so they don't open again a second time when you relaunch the browser. Restarting the computer is also a good idea. I also recommend running Cocktail at least once a month to keep your Mac running swimmingly. To me, MacKeeper and CleanMyMac border on being malware because they are marketed not as useful utilities but are marketed in such a way to instill fear that if you don’t download them, buy them, and use them, your Mac would be somehow compromised or run less than optimally. In short, you don't need them!

Using a Mac on the Internet is still relatively safe but the growing Mac user base seems to be attracting more social engineering scams. No virus or malware detection program will detect those but Good Old Common Sense™ should! As President Ronald Reagan used to say about the Soviet Union: “Trust, but verify!” If you’re not sure if something is a scam or malware, please send me an email with a screenshot of what you’re seeing or at least the text of the dialog box you’re seeing and I can help verify its authenticity.

As always, Tech Me Back LLC is here to help you with all of your Mac and iOS needs.