More fake software targeting Macs...

BrianLachoreVPI


Retired Staff
Joined
Feb 24, 2011
Messages
3,733
Reaction score
124
Points
63
Location
Maryland
Your Mac's Specs
March 2011 15" MBP 2.3GHz i7 Quad Core 8GB Ram | Mid 2011 27" iMac 3.4 GHz i7 16 GB RAM 2 TB HDD
I think people are having fun with this. I actually was doing an image search yesterday - and 3 images I clicked on - pulled the same stunt. Annoying. The great thing about this forum is - I usually learn something every day - and the day before yesterday - I learned why the .dmg files downloaded in Safari always mount automatically (from this thread/post). I disabled that - and just in the nick of time - since those images (from Google image search) - as soon as I clicked - the .dmg downloaded. This happened on 3 different images within a span of 5 minutes. :Angry:
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
Took a lot of work, but eventually I was able to get the same pop-up. I had to do some pretty specific searching though (actually followed Sophos to the letter).

As expected, Firefox warned before downloading the file. But what was really surprising was that the "Cancel" button in the js window that popped up actually functioned! Usually they don't give you that option - at least in the Windows variants I've seen.

The sad thing is, it looks polished enough to fool the average (paranoid) user. And how, as a tech, can you really train those users to be suspicious of these things? I mean, there's really no tell-tale sign that one of these is fake. If they're running a legit AV product, it could potentially pop up and say there's malware present on the system. So, how does one distinguish between what is real and what is fake? I mean, I have a highly-tuned BS-o-meter, but the average person isn't going to know the difference.

Still, I'm not so sure I would recommend an AV product, even with the existence of this kind of extortionware (now on the Mac). I highly doubt any of the packages would have prevented a zero-day infection. I'm sure they could have removed it easily enough, but it's not like they provide even an ounce of prevention.
 
Joined
Oct 3, 2009
Messages
2,641
Reaction score
26
Points
48
Location
Albuquerque, New Mexico
I've seen the masquerading of Windows Explorer before (Mom happens upon it when searching for frog pictures), but it should be plainly obvious in either OS. If you're using Firefox, Safari, Chrome or Opera in Windows and you see the "fake" in your internet browser, close the browser and clear cookies and cache.

I mean think about it, if you're using Safari in Mac OS X and you see the fake Finder show up (and it looks nothing like what you have it set up as), it should be painstakingly obvious that what you are seeing is indeed fake.

And yet, I find it sad that people quickly become fooled.


I wonder if searching using Bing! makes a difference.
 
Joined
Aug 26, 2010
Messages
216
Reaction score
2
Points
18
Location
providence r.i.
Your Mac's Specs
soon to be another iMac owner
Lately I use bing much more than google to do my searching..

But doesn't that pretty much just take u to the same links?
 
Joined
Oct 3, 2009
Messages
2,641
Reaction score
26
Points
48
Location
Albuquerque, New Mexico
Lately I use bing much more than google to do my searching..

But doesn't that pretty much just take u to the same links?

The malicious websites and the latest "Mac Defender" hype stems mainly from Google thanks to "poisoning of Google search suggestions".
 
Joined
Nov 8, 2010
Messages
967
Reaction score
4
Points
18
Location
Indiana
Your Mac's Specs
Main-11" Air, iPhone 6+, iPad Mini 3, Hi-Fi Extras- Too many to count
I never use Google Images for this reason, and I barely ever go to sites that I do not know, and if I do, I scan it first with the link extend add-on for Firefox.
 

dtravis7


Retired Staff
Joined
Jan 4, 2005
Messages
30,133
Reaction score
703
Points
113
Location
Modesto, Ca.
Your Mac's Specs
MacMini M-1 MacOS Monterey, iMac 2010 27"Quad I7 , MBPLate2011, iPad Pro10.5", iPhoneSE
): Firefox is no longer supported on old PowerBooks. ):

What OSX is on your PowerBook? If Tiger or Leopard, try TenFourFox. It's the latest Firefox builds ported over to PowerPC! Since Safari on those older OSX versions is getting outdated, to me that is the best option I have found!

TenFourFox!
 
Joined
Jan 10, 2012
Messages
186
Reaction score
6
Points
18
Location
Highland, Indiana - U.S.A.
Perhaps because of my old Windows habits, I've had Sophos installed since I moved over to Mac. One can never be too careful.
 
Joined
Apr 20, 2009
Messages
4,301
Reaction score
124
Points
63
Location
The lonely planet
Your Mac's Specs
Too many...
Here's how I deal with this stuff. I use my Mac, and only allow downloads that I know I am wanting to download. If anything wants to download at a time where I hadn't anticipated a download, I cancel/stop/exit out of Safari/Firefox. It's not really that hard, but I think paranoia gets to some people.
 
Joined
Apr 26, 2008
Messages
2,963
Reaction score
120
Points
63
Location
Belgium
Your Mac's Specs
iPad Pro 12.9 latest iOS
As a rule of thumb ... if you did not specifically go looking for it, don't install it.

And do not trust any of the buttons, but force quit the application (installer).

Cheers ... McBie
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
The great thing about this forum is - I usually learn something every day - and the day before yesterday - I learned why the .dmg files downloaded in Safari always mount automatically (from this thread/post).
I still don't know why this is a "feature" and isn't classified as what it really is - a gaping security hole.

I've seen the masquerading of Windows Explorer before (Mom happens upon it when searching for frog pictures), but it should be plainly obvious in either OS. If you're using Firefox, Safari, Chrome or Opera in Windows and you see the "fake" in your internet browser, close the browser and clear cookies and cache.

I mean think about it, if you're using Safari in Mac OS X and you see the fake Finder show up (and it looks nothing like what you have it set up as), it should be painstakingly obvious that what you are seeing is indeed fake.

And yet, I find it sad that people quickly become fooled.


I wonder if searching using Bing! makes a difference.
You have to remember that not everyone has the same level of acumen (Macumen?) with regards to computers that many of us do. IT work has made me appreciate that some people really don't use a computer as anything more than a tool which likely means they don't understand the nuances of software visuals.
 
