It’s curious about the phenomenon of synchronicity. As I was writing this column, I got an unsolicited call on my Skype account; the first I might add, and I’ve been a member for several years. Out of curiosity, I answered, only to hear a clumsily recorded robotic male voice warning me of potential security problems on my computer. I promptly hung up, and checked my Skype preferences about blocking unsolicited calls.
Now understand that getting so-called telemarketing calls on regular phones is nothing new, although it might be a novelty on Internet telephone services. Junk phone calls have persisted for years, forcing the U.S. Federal Trade Commission to set up a National Do Not Call Registry. Once your phone numbers are entered into the online database, and it takes just a couple of minutes to register up to three numbers at a time, a business cannot call you unless they have a prior business relationship with you. If they violate the law, they can face severe fines, though I wonder how often that really happens.
But what really got my dander up is that this unsolicited call was using the very same scare tactics that Internet criminals have used for years to attempt to induce you to buy bogus security apps. The tactics are usually the same. You suddenly see a pop-up window in your browser warning you that your computer might be infected with a virus. You can just dismiss the warning and get on with your business, but if you accept the scan, you will be, in short order, notified that you must download and install a special app to remove the malware on your computer. They’ll even sell you a user license, but, in the end, the warning was a fake, and you will be paying for a product that does absolutely nothing — other than to take your money of course. And once they have your credit card number, you are in danger of having that number used for more fraudulent purchases.
Up till now, this phenomenon has been primarily a Windows-based annoyance, with a recent estimate that a whopping one of every 14 Windows-based downloads may represent a bogus app of some sort.
However, Mac users have not been immune to social engineering of this sort. It just took the Internet gangs who engage of this form of thievery to seek out a new audience for their scareware. So very recently, you probably read of this new threat, called MAC Defender, MAC Security, or something similar. The approach is the same. You see a warning that still resembles a Windows prompt, but it appears the actual software is very much in tune with the Mac interface. No doubt, the criminals involved have been boning up on their Xcode skills, so they can create Mac apps that look and behave very much like the real thing, except, of course, that they are useless.
Up till now, Apple hasn’t really paid much attention to the occasional flare ups of Mac OS X malware, since they haven’t been widespread. They will half-heartedly inform you that there are security apps available if you choose to protect yourself. Most of the problems up till now have involved downloading and installing malware-ridden software. But the same people who fool you into installing a bogus security app can also fool you into installing something that literally takes over your computer, and steals your personal information, including passwords, bank account numbers, and other critical data.
Up till now, Macs have resisted such outbreaks partly because of a “security through obscurity” situation, meaning that Apple’s relatively low market share didn’t make it a serious target for malware. Computer virus authors are also highly skilled at creating viruses for the Windows platform. Even though Microsoft has been far more active in fixing security issues on Windows in recent years, loads of people still run PCs with older, unprotected operating systems, thus leaving tens of millions of people vulnerable to virus infections.
In their recent security feature, Consumer Reports spoke of multi-billion dollar losses, although they didn’t state the obvious, that perhaps 100% of those losses were on the Windows platform. I suppose that equation might change a little now, considering that some Mac users are being successfully coerced into buying MAC Defender licenses.
After apparently attempting to ignore the issue for a while, Apple has decided to take a surprisingly forthright approach. They have already posted [1] a Knowledge Base article that describes the extent of the problem, which they classify as “phishing,” and how you can easily remove the offending software and, with a few extra steps, a startup item that causes the app to run each time you reboot your Mac, along with an accompanying background app.
Apple is also promising a forthcoming update for Mac OS X that will protect your Mac from MAC Defender and its variants, which include the latest threat, known as MacGuard. You probably don’t know that Snow Leopard actually has built-in malware protection, but it’s very limited in functionality, and is not regularly updated. By taking this measure, Apple may enter quicksand, as updates to MAC Defender and other Trojan Horses will continue to appear, thus forcing them to issue regular updates. And I haven’t mentioned the standard security updates, issued occasionally, which usually address issues that could cause your Mac to be compromised.
Now I’m not about to suggest you should be installing virus protection software on your Mac, although it probably won’t do any harm, since the better products don’t seriously hog system resources or slow down your computer. But the arrival of MAC Defender may be only the first of many serious threats to appear, so the best advice is just be careful, and practice safe computing. In other words, don’t download any software except from trusted sources, such as the Mac App Store, and responsible third-party developers and software repositories.