Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > Mac OS X > Viruses & Spyware

Viruses & Spyware
Thread Tools
Mac Enthusiast
Join Date: Feb 2004
Location: Hell's Kitchen, NYC
Status: Offline
Reply With Quote
Mar 1, 2007, 10:19 PM
 
My wife only knows PCs, and she gave me holy hell for clicking on an obviously fake e-mail purporting to be from PayPal about my "account." I was curious to check out the scam, and she said it could have given me a virus or installed spyware... and even as I type it could be recording all my keystrokes!!! EEEEEK...

OK... I have a Mac. I know they ain't impervious to a virus, but most viruses aren't built for Macs... but what about spyware? Do I have anything to be worried about, really? Is it likely there could be spyware in my Mac now?

Maaaaaan... she got me so rattled I am doubting my sanity & my Mac...

(I have an iMac running OSX 10.3.9)
     
Senior User
Join Date: Jul 2002
Location: Arizona Wasteland
Status: Offline
Reply With Quote
Mar 2, 2007, 12:43 AM
 
Did something like this happen: YouTube - Misspell Google
     
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status: Offline
Reply With Quote
Mar 2, 2007, 01:14 AM
 
Your wife is wrong. Tainted by her knowledge of PCs of course. There are currently no known viruses or spyware for Mac OS X.

[ fb ] [ flickr ] [] [scl] [ last ] [ plaxo ]
     
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Mar 2, 2007, 01:19 AM
 
Can we get an FAQ section?

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status: Offline
Reply With Quote
Mar 2, 2007, 03:17 AM
 
Whether there are viruses on Mac or not, it's good practice to not open attachments from unknown sources. And the fake PayPal-mails use social engineering, so they obviously work with any platform. Whenever you enter a site where you have to enter your password (like your bank, eBay and PayPal) always type in the URL into the browser's address bar yourself before you do it. Never enter your account data into the site after you clicked a link, even if it looks absolutely legit.
     
Dedicated MacNNer
Join Date: Jul 2000
Location: Bunch Of Islands in The Pacific
Status: Offline
Reply With Quote
Mar 2, 2007, 04:12 AM
 
TETENAL is right be cautious when receiving these types of email, sometimes the website will be fake and get your personal info such as passwords and such. I just finished cleaning up my friends PC and boy that thing was loaded with viruses, spyware, and malware. Later they asked if my mac gets infected since I'm always on the net like there PC, and when I said never his wife said to him you should have bought me a mac and not a dell.

Also dont worry to much about viruses on the mac, the script kiddes(sp?) haven't begun there onslaught on the mac platform yet.


silver
 MBP 17" 2.16ghz, ATI x1600 256, 100GBHD, 2GB ram, 23"AppleLCD
     
Dedicated MacNNer
Join Date: Nov 2004
Status: Offline
Reply With Quote
Mar 2, 2007, 06:25 AM
 
Also, may I add, that clicking on those links in spam can verify your email address as valid which many times will just perpetuate your spam problem. This is my understanding anyway.
I have no lid upon my head. But if I did, you
could look iniside and see what's on my
mind.
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Mar 2, 2007, 08:36 AM
 
--erik-- and TETENAL are both correct. There are no known virus or spyware threats to Macs in the wild at this time, BUT it's never a good idea to open attachments in unsolicited emails-sometimes it's just a good idea to not open these emails at all.

There seems to be a PayPal phishing scheme in play at this time (I've seen lots of chatter on a number of boards to the effect "So and So online vendor stole my PayPal account!!!-oh, wait, I fell for a scam!") so let's review the basics.

>>LEGITIMATE EMAILS FROM PLACES LIKE PAYPAL WILL NEVER, NEVER, NEVER!!!! ASK FOR YOUR USERNAME AND PASSWORD.
>>ALWAYS DOUBLE OR TRIPLE CHECK THAT THE URL YOU'RE USING FOR SUCH PLACES IS REALLY THEIR URL-DON'T DEPEND ON A LINK IN ANY EMAIL, USE YOUR OWN BOOKMARK OR ENTER IT MANUALLY.
>>THINK FOUR TIMES BEFORE YOU SUBMIT ANY OF YOUR PERSONAL INFORMATION, PARTICULARLY BANKING INFORMATION, TO ANY SITE.

As an aside, if you use Boot Camp to boot your Mac with Windows, you CAN get a virus on that partition, and there are viruses that just plain wipe the WHOLE hard drive, so always use an antivirus package with ANY Windows installation.

Glenn -----OTR/L, MOT, Tx
     
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Mar 2, 2007, 09:25 AM
 
I think there is an easy way to protect yourself against email scams.... simply look at the full headers of the email and the envelope information to see where the email really came from. If it came outside of the domain indicated within the email headers, it's likely a scam. If it came from inside the domain, they either have a compromised network or else it is a legit email.

Of course, common sense prevails in judging an email by its contents too.
     
tpicco  (op)
Mac Enthusiast
Join Date: Feb 2004
Location: Hell's Kitchen, NYC
Status: Offline
Reply With Quote
Mar 2, 2007, 06:17 PM
 
i did not enter ANY personal info... i just took a look at the phony site... thanks for all your info
     
JKT
Professional Poster
Join Date: Jan 2002
Location: London, UK
Status: Offline
Reply With Quote
Mar 3, 2007, 04:45 AM
 
Yes, but you clicked the link to go there... you shouldn't even be clicking the link. Just because no one has worked out how to compromise a Mac up 'til now, doesn't mean that they won't ever do it.
     
Fresh-Faced Recruit
Join Date: Jan 2007
Status: Offline
Reply With Quote
Mar 4, 2007, 06:07 PM
 
Regardless if the Mac isn't susceptible to most viruses. Its generally a good idea to just trash any junk mail, or spam. If you use an html enabled email reader the spammers can verify that your email is active when you open an email because they can track if an image is loaded. Tetenal hit the nail on the head. The biggest thing to worry about on a Mac is not viruses or spyware. Its social engineering.
Apple Switcher!
365 Days of my experience with Apple at Keynote 2 Keynote
Join the 100 Apple Users and Switchers Project
     
Grizzled Veteran
Join Date: May 2001
Location: Ca
Status: Offline
Reply With Quote
Mar 5, 2007, 01:48 PM
 
Originally Posted by TETENAL View Post
Whether there are viruses on Mac or not, it's good practice to not open attachments from unknown sources. And the fake PayPal-mails use social engineering, so they obviously work with any platform. Whenever you enter a site where you have to enter your password (like your bank, eBay and PayPal) always type in the URL into the browser's address bar yourself before you do it. Never enter your account data into the site after you clicked a link, even if it looks absolutely legit.
Second that.
Don't start bad habits.
With some loud music + a friend to chat nearby you can get alot done. - but jezz, I'd avoid it if I had the choice---- If only real people came with Alpha Channels.......:)
AIM:xflaer
deinterlaced.com
     
Fresh-Faced Recruit
Join Date: Mar 2007
Status: Offline
Reply With Quote
Mar 5, 2007, 06:50 PM
 
Hi, I'm new to Macs. I installed a free Mac AV program called ClamXav. It's really slow and bogs down my system. Should I uninstall it and go without AV protection?
     
Mac Elite
Join Date: Sep 2005
Location: Los Angeles, California
Status: Offline
Reply With Quote
Mar 5, 2007, 07:07 PM
 
I don't see a point in using AntiVirus.

I don't.

Especially if it's bogging down your system.
Linkinus is king.
     
Fresh-Faced Recruit
Join Date: Mar 2007
Status: Offline
Reply With Quote
Mar 5, 2007, 08:36 PM
 
Thanks for the insight Brokenjago. The only reason why I have AV software is because I sometimes share files with Windows people and I don't want to unwittingly give them a virus. I know 99.9999% of viruses/worms/trojan/etc are made for Windows boxes so they wouldn't affect me even if I did have an infected file on my Mac but it WOULD affect the poor Windows person that I unknowningly passed the file onto which is why I keep ClamXav even though it is slow as Hell. I think I'll just use it to scan select files that I'm about to send to Windows boxes and that's it.
     
JKT
Professional Poster
Join Date: Jan 2002
Location: London, UK
Status: Offline
Reply With Quote
Mar 6, 2007, 02:27 PM
 
Originally Posted by FallN View Post
I think I'll just use it to scan select files that I'm about to send to Windows boxes and that's it.
The way I have set it up is to use the Folder Sentry to scan my browser Downloads folder, my iChat attachments folder and my ~/Library/Mail Downloads folder. Anything else I can do manually using the contextual menu option or by drag and drop, should I even need to. Otherwise, those are the only three locations that I have potentially infected files coming in to my system.
     
Mac Elite
Join Date: Sep 2005
Location: Los Angeles, California
Status: Offline
Reply With Quote
Mar 6, 2007, 02:51 PM
 
I know 99.9999% of viruses/worms/trojan/etc are made for Windows boxes so they wouldn't affect me even
More like 99.99999999999999999%
Linkinus is king.
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Mar 6, 2007, 10:11 PM
 
Originally Posted by brokenjago View Post
I don't see a point in using AntiVirus.

I don't.

Especially if it's bogging down your system.
The good ones don't. I've NEVER seen any performance impact from Norton AV on a Mac. (Of course I'm also someone that actually uses it instead of buying the FUD that Norton will neuter your dog and urinate in your car, but I'm funny that way.)

None of the "well known" free ones should load down your system, either. Products like ClamAV are not known for being resource hogs.

Glenn -----OTR/L, MOT, Tx
     
Fresh-Faced Recruit
Join Date: May 2005
Location: NYC
Status: Offline
Reply With Quote
Mar 6, 2007, 11:29 PM
 
About phishing scams; they are not the same as spam. Spammers make money from spamming. They pay good money for 'good' leads, i.e. live, active e-mail addresses. They use plenty of ways to discover these. Popular one is placing images in html but fetching them through FTP instead of regular html; that way, your e-mail client automatically has to log in as anonymous user (with your e-mail address as password). They search the logs for anonymous' users passwords and harvest fresh, active e-mail addresses.

Phishing scams don't care about live addresses that much. They are mostly one-shot deal. They actually are spammers' customers. They purchase these massive mailing lists and blast their phishing messages to these lists. Their goal is to lure you to their web-site in order to give them your paypal/eBay/HSBC/Bank of America/Chase/etc. IDs and passwords. There is zero danger from opening a phishing message. Zero danger from clicking a link in that message and viewing that phishing site. I have done it many times, for the same reason original poster did; curiosity. In many cases, these phishing fake pages were hosted on compromised servers; once I saw a fake eBay login page on a site about chrochet (you know, doilies, mittens, hook-and-yarn stuff...!!). These sites are the easiest prey for phishers, since often they are simple, with an easy-to-break FTP password (children's names, dates of birth, etc.). I would usually notify the original webmaster that their site was compromised. It would do a little good, since the phishing attempt lasts no more than two-three days. By then, phisher has hopefully collected several thousand passwords. Oftentimes, fake phishing pages are hosted in China or Taiwan (do a trace to one of those and you'll see).

The bottom line, and my 0.02$ to the original poster: Feel free to click on anything but SPAM. You will not get infected by any virus, spyware or any other malware. There still is none for Mac OS X.
     
Professional Poster
Join Date: Jan 2000
Location: Columbus, OH
Status: Offline
Reply With Quote
Mar 6, 2007, 11:47 PM
 
Another smart thing to do is to uncheck the box for "Display remote images in HTML messages" in OS X's Mail Preferences under Viewing.

Those bastards can verify that your email address is active by detecting that you downloaded those image files from their server.
HyperNova Software, LLC
     
Clinically Insane
Join Date: Dec 1999
Status: Offline
Reply With Quote
Mar 6, 2007, 11:57 PM
 
ClamXav is almost useless. It'll identify what files are infected, then move them to a specific folder, however, it doesn't actually clean any files of a virus.
"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts
     
Fresh-Faced Recruit
Join Date: Mar 2007
Status: Offline
Reply With Quote
Mar 7, 2007, 05:39 AM
 
olePigeon, since ClamXav moves it to a folder (quarantine) it's a simple as deleting the folder or the folder's contents. Problem solved.
     
Junior Member
Join Date: Feb 2007
Location: Miami, FL
Status: Offline
Reply With Quote
Mar 7, 2007, 10:25 AM
 
Quick question...

i use mail.app with a bellsouth.net pop email adress thing...

i have mail set up so i view my email list on top... and when i click on an email it loads up on the bottom half of the program...

problem is... to delete junk mail i have to click on the actual email to highlight it and it starts to load, then i push the delete button an i delete it, reason why i dont delete all the emails at once is because sometimes emails get marked as spam when they are not, if i see one by the subject ok fine... but if i cant just tell from the subject i have to open them...

how at risk am i if i view the emails... but never enter any information, or download or open any attachments, all i do is view them to see what they are and then press delete... the program deletes my trash when i close the program everyday...
20" iMac / 2.16Ghz Intel Core 2 Duo / 1GB Ram / 250GB HDD
     
Fresh-Faced Recruit
Join Date: May 2005
Location: NYC
Status: Offline
Reply With Quote
Mar 7, 2007, 01:17 PM
 
Well, vitalprogeny, your only risk is that of exposing your e-mail address to the spammer. When an image loads inside an HTML message, it is often loaded directly from a remote FTP server. As mentioned above, in order to show it, your Mail app has to log into this FTP server, providing it with your e-mail address as a password. This is one of the ways spammers harvest live e-mails. There is a way, however, to mark messages as junk without actually clicking on them (and thereby displaying the body, complete with those remote images). You can configure the top part of your Mail app to show the message's junk status. That way, if you are sure it is a junk message, instead of clicking on the subject, or the sender's name, you click on the little dot in the 'Junk status' column. It will mark the message as junk right away, and it won't display it; instead, the message will move straight into your junk folder. This only works if you have Mail app configured to automatically move messages determined (or marked) to be junk into the junk folder. If not, this won't work. However, there is another (albeit longer) option. If you have only one message that you want to mark as junk, select a legitimate message right before or after it. Then, shift+click your junk message; now both messages are selected and neither is displayed in the preview pane. Then mark them both as junk. Once you do that, select the legitimate again and unmark its junk status. This multiple selection technique works even better when you have multiple junk messages: first select a legitimate one, then Ctrl+ select junk ones; then Ctrl+deselect the good one and mark the remaining selected junk as, well, junk.

I hope this helps.
     
Mac Elite
Join Date: Sep 2006
Status: Offline
Reply With Quote
Mar 7, 2007, 02:12 PM
 
Some great points in the above posts.
There are no viruses that can infect a Mac.
Now, having said that, if you use Windows on a Mac you need anti-virus and all kinds of other mal-ware protection. There are Windows viruses that can only be removed by a hard drive reformat. And it does make you a good neighbor to stomp on viruses from your Windows buddies.
There are businesses and organizations that simply require anti-virus software, Clam and Norton are fine, they shouldn't slow down your system. If that seems to be the case then you have some other problems going on.
Finally, the most effective spam campaigns are those that have you the user clicking on phishing expeditions! No software protection is going to immunize you from your own behavior!
     
JKT
Professional Poster
Join Date: Jan 2002
Location: London, UK
Status: Offline
Reply With Quote
Mar 7, 2007, 06:59 PM
 
Originally Posted by Sherman Homan View Post
There are no viruses that can infect a Mac.
<snip>...Clam and Norton are fine, they shouldn't slow down your system.<snip>
Strictly speaking, neither of those statements is true. There are MS Office macro viruses that can function on the Mac, even in OS X (and if you still use Classic, there are 40 or so viruses that are active against the system); ClamXav and Norton will slow down your system when they are doing processor intensive tasks such as actively scanning a file or files for viruses.
     
Addicted to MacNN
Join Date: Oct 2001
Location: Automatic
Status: Offline
Reply With Quote
Mar 8, 2007, 04:52 AM
 
So was Display Eater (reversecode.com) kinda like a Requiem For a Dream for Macintoshes being free of viruses & malicious software?

That was nasty.
     
Posting Junkie
Join Date: Feb 2000
Location: Washington, DC
Status: Offline
Reply With Quote
Mar 8, 2007, 04:36 PM
 
Originally Posted by tpicco View Post
i did not enter ANY personal info... i just took a look at the phony site... thanks for all your info
Just by clicking on the link, you may be giving personal information.

Example:
I could send the following links with a link to a bank accound
- http://www.ABC-Bank@64.161.169.137/y...@youremail.com

I would know a few things:
1. You most likely have an account with that bank
2. You have a valid email (so I can spam you a bunch!)
3. I would have your IP address
4. I might even have your name
     
Posting Junkie
Join Date: Feb 2000
Location: Washington, DC
Status: Offline
Reply With Quote
Mar 8, 2007, 05:02 PM
 
I would be RED HOT MAD if Apple did ANYTHING like this:
heise Security - News - WGA notification just doesn&#39;t stop
     
Baninated
Join Date: May 2005
Location: England
Status: Offline
Reply With Quote
Mar 8, 2007, 05:28 PM
 
Originally Posted by - - e r i k - - View Post
Your bitch is wrong. Tainted by her knowledge of PCs of course. There are currently no known viruses or spyware for Mac OS X.
Fixed.









     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 08:28 AM.
All contents of these forums © 1995-2014 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2014, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2