Do Macs Get Viruses?

by

Many Apple owners believe their Macintosh computers are immune to viruses. Apple itself has run ad campaigns promising its computers “don’t get viruses”. And those who have owned a Mac for years, decades even, are particularly prone to believing. After all, nothing’s happened to them yet. Regrettably, Macs do get viruses, and the threat is growing.

For a long time the argument was that cybercriminals didn’t bother to develop Mac viruses. There weren’t enough users to justify the effort. Instead, they’d focus on the lower hanging fruit – PCs running Windows.

Yet Apple’s market share is on the rise, and it’s increasingly common to see Macs in the workplace, especially in creative industries. Plus, there’s a widespread assumption that Mac users are a smart target as they are likely to be better off. So, while Macs remain harder to infect (installing most software requires a password), there’s often a greater payoff.

The research reflects the reality. In 2017, for instance, the iPhone OS and Mac OS X placed #3 and #6 in CVE Details’ top 50 ranked by total number of distinct vulnerabilities. Apple TV and Safari also made the list at #17 and #18, respectively. In 2017, Malwarebytes also reported it “saw more Mac malware in 2017 than in any previous year”. By the end of 2017, the cybersecurity firm had counted 270% more unique threats on the Mac platform than in 2016.

Finding Apple’s Weak Spots

It’s obvious then that bad actors are no longer steering clear. They are actively looking for ways to exploit Macs.

A common approach is to use Trojans. Named after a gift wooden horse that hid an army, Trojans look like something you would want to install. So, Mac users happily enter their passwords to download that application and open the gates to the cybercriminal.

In 2011, for instance, a Trojan called “Mac Defender” took advantage of people’s desire to protect their computers. The fake program appeared to be anti-virus software. Once the users installed it, they’d get an onslaught of pop-up ads encouraging them to buy more fake software.

Trojans get through the gates because you let your guard down. You are taken in by that supposed note from a long-lost friend. You think you want to see that pic of that famous celebrity. All it takes to stop this type of attack is suspicion of everything you might install or download.

A business would want to educate its employees about the importance of:

  • clicking on emails with care;
  • validating the source of any files they plan to open;
  • checking a website’s URL (being especially wary of those with less common endings such as .cc or .co);
  • questioning any promises of Ray-Ban sunglasses for 90% off or the latest iPhone for $29.99.

A new threat comes from within the Mac App Store, according to Thomas Reed, a Mac security researcher. When a user tries to install an app on a Mac, a Mac OS program called Gatekeeper checks the file’s code signature. The signature helps certify the app is valid. However, Reed found that cybercriminals could buy a legitimate certificate from Apple, or steal one and trick users. Users would install masked malware that could infect legitimate programs and evade detection.

Key Takeaway

Apple is always working to protect its users from malware. It has measures in place, and user caution can make a big difference, too. Still, it’s not true that Macs are completely safe.

Find out what you can do to protect your Macs and guard against threats. Partner with a managed services provider to gauge your security levels.

Call us today at 478-474-0861!

Keeping Tabs On Children’s App Purchases

by

Children today have grown up surrounded by technology their entire lives. Since before they are old enough to read they can pick up a tablet or smartphone and swipe at apps and games with ease. Modern kids have an intuitive understanding and ability with technology that older generations can barely imagine. The abundance of technology, however, comes with a price.

Easy access to any marketplace can be a double-edged sword. The convenience and ease of use is a boost to those of us needing a quick app, but accidental purchases can cause a lot of headaches. One-click online shopping was once one of the biggest dangers our bank account faced. Now, many of us carry multiple devices, each with their own marketplace and app stores.

With modern tech, mobile applications, whether on iOS or Android devices, are easier than ever to buy and download. So simple in fact, that a child could do it.

Designed to Appeal – Children love to download mobile applications that feature their favorite characters, cartoons and TV shows. Advertisements are aimed specifically for children in ways that will invite them to click a link and instantly download a game.

These games are typically free, meaning they don’t require authentication by default before downloading. A new game can be downloaded, installed, and ready to run seconds from clicking an ad.

Developers commonly use, what is known in the business as, a ‘freemium’ model. This means that the game is free to download and start, but inserts paid ‘upgrades’ designed to make the player part with cash.

Freemium Games – Upgrades to games may unlock more levels, purchase an in-game currency, or outfit a character with special attributes. Competitive online games commonly employ a strategy that gives paying players an unfair advantage over ones who don’t pay. This is often referred to as ‘pay-to-win’ and entices players to spend more to get on the same level.

Many mobile-based games are designed purely to encourage in-app purchasing. Some deliberately design a deceptive or tricky user-interface that makes it easy to miss-click or make purchases by accident.

There are regular stories in the news featuring kids spending thousands on in-app purchases for virtual characters. In some cases, children can use real-world money to buy items thinking they are spending in-game currency.

Apps to Help – Of course, it’s unfair to give all applications a lousy name. Many deserve it, but not all apps are guilty of behaving badly. There are fitness apps, productivity apps, and educational apps that can act as useful tools to help enhance your day. Children can get a lot from high-quality applications in the same way educational software for the computer can be a huge classroom boost.

Getting the most out of your phone or tablet is about keeping your device safe against applications designed merely to take your money.

Secure Your Device – The best step you can take to prevent running up enormous app bills is to disable in-app purchases on your devices. This prevents apps from being able to take funds for digital items. The process to do this is simple, takes less than 2 minutes, and can save you huge amounts.

  • On iOS: Enter the settings screen, tap on ‘General’. Then tap on ‘Restrictions’ and tap the ‘Enable restrictions’ option. Make sure to turn “In-App Purchases” off.
  • On Android: Inside the Google Play App: press the phone menu button and go to Settings. Scroll down to “User Controls”, tap on the “Set or Change Pin” option and set a pin that only you will know.
    In the “User Controls” menu check the option to “Use Pin for purchases”. Newer phones may label this pin as a password instead.

Safe Apps – With these options enabled, whether using an iOS or Android device, your phone or tablet is safe from app purchases in any hands.

Don’t Fall Victim to Webcam Blackmail

by

Many users have reported recent scam messages from individuals claiming to have intercepted their username and password. These messages often state they have been watching your screen activity and webcam while you have been unaware.

Typically, attackers threaten to broadcast footage to your contacts, colleagues, or social media channels. Demanding payment in Bitcoin, malicious hackers blackmail their victims to keep confidential information private.

Where Have the Attacks Come From?

In many cases where hackers have claimed to have a victims’ password, this has turned out to be true.

In the last few years alone, many large websites have suffered enormous hacks which have released confidential details on many of their users. LinkedIn, Yahoo, and Myspace all suffered massive and devastating hacks. Some users of these services are still feeling the consequences today.

The details leaked from these sites, and others facing the same issues, are sold online for years after the initial breach. Hackers buy username and password combinations in the hopes of reusing them to access services, steal money, or blackmail their owners.

How to Respond

If you have been contacted by one of these hackers, it is a scary reality that they could have access to your credentials, data, and online services.

The only thing you can do in response to this type of email is to ignore it. This “we recorded you” email is a scam made much more believable because they probably do have one of your real passwords gained from a site hack.

That said, accounts that share the same password should be changed immediately. Security on additional services you use should be updated too.

Self Defense On the Web

When using online services, a unique password for every site is your number one defense. A good password manager makes this practical and straightforward too.

Using a different password for each site you use means that hackers can only gain access to one site at a time. A hack in one place should never compromise your other accounts by revealing the single password you use everywhere.

Often, people think that maintaining many passwords is hard work or even impossible to do. In truth, it’s almost always easier to keep tabs with a password manager than it is to use the system you have in place today.

A high quality and secure password manager such as LastPass, or 1Password, can keep track of all your logins efficiently and securely. They often offer the chance to improve your security by generating random and strong passwords that hackers will have a tougher time cracking.

Password management services offer a host of features that help you log in, remind you to refresh your security, and make your safety a number one priority. After using a manager for just a short time, you can be forgiven for wondering how you managed without it.

If you think you might have been hacked already, or want to prevent it from ever happening, give us a call to at 478-474-0861 update your security.

FOLLOW US

Recent Posts

Tags

#bestservice #computerrepair #nocontract #qualitycomputers backup bad hard drive cloud computer repair consumer data loss data recovery email Hacker msp new computer new laptop online safety QualityCareSuite recover data remote support repair sale scam service small business Webcam