Mac Users Targeted By Cyber-Attackers

applelogoThe Apple OSX platform has long held the cache of being invulnerable to attack.  Cyber-criminals have be crafting more exploits to target Macs, iPhones, and iPads, especially since 2012.  The reason for this, as explored in a recent article on SiliconBeat, is that Apple users tend to have more disposable income.  If you willingly pay more to have “the best” or most trendy device, you generally are wealthier.  Cyber-crooks follow the money.  So if you are a Mac user, you need to be doing something about security.

Anyway, Apple users are just as likely to receive a phishing email, a fake tech support call, or other social engineering exploit as a Windows user.  Recent exploits have included phishing email advising users that their Apple ID was due to expire, and after clicking on the link, were taken to a web page where they were told to “update” their ID.  The first information collected on the form is the existing ID, which the criminals used to break into their iTunes account. There was also a fake Adobe Flash player exploit recently that allowed the attackers to install unwanted software programs in affected systems.  There is a great article on Naked Security that gives the history of Mac malware, going back all the was to the 1982 ElkCloner exploit.

So what should you do?  The list is going to look familiar to Windows users, we’ve been doing these things forever.

  • Passwords.  Use a password to secure your iMac or MacBook, and make sure it is long, complex, and unique.  Using a password manager such as Keeper, available on the Apple Store, is a great idea, too.
  • Anti-malware and firewall software.  There are many excellent products for the Mac, and Tom’s Guide recently reviewed a bunch and listed the six best, including Avira, BitDefender, Avast!, and Kaspersky.  My favorite, Sophos, took a drubbing in this evaluation, but they have a new product that has corrected its previous deficiencies.
  • Encryption.  I am a member of the “encrypt everything” school of thought, especial for mobile devices, which tend to be lost or stolen with more frequency.  Encrypted files are impossible for crooks to decrypt or use to attack you further.
  • Education.  In order to acquire a driver’s license, a person needs to take some training, and pass a written and behind-the-wheel test.  This is good practice for computer users too.  You are reading this article, for example, so self education is not a foreign concept for you.  You ought to learn a bit more about what the bad guys are after and how they do it.  Learning about cybersecurity has really become important in the current era, if you want to keep your devices, family, business, personal information, and money safe from cyber-thieves.

So Mac users consider yourselves warned and informed.  Today is the best day to take action to secure your digital life from attackers.

More information:


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.