Phishing Still a Threat to Macs: Here’s How to Protect Yourself

We hear it all the time: Macs are safer than PCs when it comes to viruses. And on the surface, that is largely true, although there is a growing amount of malware that is directed toward Apple devices.

The problem, though, is that many Mac owners are lulled into a false sense of security when it comes to keeping their computers and their data safe. While the chance of your computer getting infected by a virus or malware is lower — and all but nonexistent when you use antivirus for Mac — you can still fall prey to social engineering scams and phishing scams that put your sensitive information at risk.

Because the likelihood of falling for a phishing scam is somewhat greater when you have a Mac, it’s more important than ever to be vigilant and learn the signs of phishing so you can ignore the message and avoid having your accounts compromised and identity or money (or both) stolen.

Learn the Signs of Phishing

Sometimes, a phishing email is completely obvious. If you receive a message from a company you don’t do business with, asking you to confirm account details, address an issue, or some other request, you can safely ignore it. Most phishing attacks are crimes of opportunity: The hackers send out thousands of emails, hoping to capture even a small percentage of the recipients unaware.

When the email appears from a company you do have a relationship with, though, it can be a little more difficult to distinguish a fake message from a real one. Thankfully, though, there are usually a few telltale signs:

• An unusual “from” address in the email.
• Misspellings and/or poor grammar in the message.
• A request for account login details, something that no reputable company would ever request.
• Links that do not lead where they claim. You can see the actual destination of a link by hovering over it in the email; if it leads to a completely different site, or a spoofed site, you’re being scammed.
• The email notifies you of an action that you didn’t request, like a password change request.

Again, when you receive an email with any of these signs, delete it. If you aren’t sure, navigate directly to the site in question (not via the link), log in and look for more information about the issue mentioned in the email. If you don’t find anything, the email was a fake.

Popup Phishing Attacks

Not all phishing attempts come via email. Mac users have also fallen victim to pop up scams and spoofed site attacks.

One of the most common pop up scams to affect Mac users is the “tech support” scam. It’s common to be directed to a page or see a popup claiming that the machine has been infected by a virus or has some sort of malware on it, and that you need to call Apple support in order to get help with the problem. As you might imagine, if you actually call the number on the popup, you’re asked for a credit or debit card to pay for the service, which is in no way associated with Apple or even tech support.

The easiest way to avoid falling for these types of scams is to ignore them, and quit your browser. If you suspect that you may have come across some type of adware, you can get rid of it by re-launching Safari while holding down the Shift key. This will remove any cookies or website data, disable extensions, and verify your homepage settings, and get rid of the popups entirely.

If you still have trouble with the popups, update your machine to the most recent version of El Capitan; if you already have the latest version, restart your computer, as El Capitan will remove adware and other plugins at startup.

You can also avoid malware by avoiding applications from sources other than the official Mac store or trusted sources. To ensure that apps are not downloaded without your permission, establish your machine’s security settings at Apple menu > System Preferences, and then click Security & Privacy, then click General. From there, you can select the sources from which software can be installed — Mac Store only, Mac Store and Identified Developers, or Anywhere. By avoiding the Anywhere setting, you can protect your machine from potentially harmful applications.

To be sure, the likelihood of falling victim to a virus or malware is much lower on a Mac than other machines. However, because you can still expose your information in a phishing attack, you need to be vigilant and take steps to protect yourself.