Daniel’s Mac Security Guide


Last update March 11, 2016

Mac / OS X Security Recommendations

  • Keep your software up to date.
    • Always update your Apple software from the Updates section of the Apple App Store.  Click the Apple icon on the top left of the display, select “About this Mac” and click on Software Update.  Never update by way of a link on a webpage or an email.
    • Update non-Apple software from within the application or from the company’s web site.  Beware of extra or bonus software downloads during updates.  Oracle’s Java updates are notorious for installing unnecessary toolbars.  Less scrupulous companies are often the source of unwanted add-ons that can steal data or show unwanted ads.
  • Make Time Machine backups
    • Select the option to encrypt backups.
    • Keep at least two backups each at a different location and at least one disconnected.  See my article on The Dangers of Cloud Sync.
  • Install anti-virus software.
    • I use Sophos Home, a free AV program for Macs.  Sophos.com
    • Install anti-malware software
      • I use Malwarebytes from Malwarebytes.org.  
  • Set a login password for your Mac
  • Keep your Mac behind a good firewall.

General Internet Safety:

Most malicious software gets installed when you do something, not on its own.  Always remember that email can be forged.  Just because it says it is from someone you know does not mean that it is or that they sent it.  For example, if you get a mail message that says “From: Microsoft” and has a link to click that will update Microsoft Word, DON’T.  The same goes for mail that appears to be from PayPal, eBay, or your bank.

If you’re browsing a web page and you get a popup window that wants you to update your Flash player, DON’T. (There are multiple fake updaters for Flash, some spread via Facebook.)  If you receive an email from your bank with a low balance warning or any message that would cause you to want to log in to the site, NEVER click on any links in the email.  Always go to your browser and type the full URL of your bank – https://mybank.com.  Make sure the site is authentic by checking for the security lock icon in the address bar.
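The forged “From: Microsoft” mail described above can be checked mechanically. The following is an added example, not part of the original guide: it flags a message whose display name claims a brand while the sender address or the links point somewhere else. The brand-to-domain map and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed brand -> legitimate domain map; add your own bank's domain.
BRANDS = {"microsoft": {"microsoft.com"}, "paypal": {"paypal.com"}, "ebay": {"ebay.com"}}

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_domain(host, domains):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def check_message(raw):
    """Return a list of warnings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    claimed = [b for b in BRANDS if b in name.lower()]
    findings = [f"From name says {b} but the address is at {sender_host}"
                for b in claimed if not in_domain(sender_host, BRANDS[b])]
    links = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            links.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    for href in links.hrefs:
        url = urlsplit(href)
        if url.scheme != "https":
            findings.append(f"link is not https: {href}")
        findings += [f"link leaves {b} domains: {url.hostname}"
                     for b in claimed if not in_domain(url.hostname, BRANDS[b])]
    return findings

# Constructed sample: the display name claims Microsoft, nothing else does.
SAMPLE = ("From: Microsoft <security@account-update.example>\n"
          "Content-Type: text/html; charset=utf-8\n\n"
          '<a href="http://microsoft.com.account-update.example/word">Update Word</a>\n')

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)) or "no warnings")
```

An empty result does not prove a message is genuine, because the From address itself can be forged; typing the site’s URL yourself remains the safe path.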

The most common attack I have seen during the last year is a browser hijacker.  A browser hijacker (sometimes called hijackware) is a type of malware program that alters your computer’s browser settings so that you are redirected to Web sites that you had no intention of visiting.  Browser hijackers are often installed together with other desired software as “extras” such as search or shopping toolbars.  Once installed they can be quite difficult to remove.  Some hijackers include very dangerous functions such as keylogging or keyboard capturing, the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored.  A keylogger can capture website login names and passwords, opening up online banking and other sensitive sites to the attacker.  Most just take you somewhere you don’t want to go to generate revenue for the attacker.

Once your browser starts acting strangely, IMMEDIATELY stop using it.  The following link provides step-by-step removal instructions.

https://malwaretips.com/blogs/remove-mac-os-x-virus/

Another common cause of these symptoms is a DNS hijack.  I will post a separate article about DNS hijacks, but in the meantime here is an article by Malwarebytes with an explanation and repair techniques.

Good detailed article about Mac malware from HowToGeek.com