27672024665
AVG Signal Blog Security Malware The Ultimate Guide to Mac Security
The_Ultimate_Guide_to_Mac_Security_2018-Hero

Written by Clayton Weeks
Published on June 14, 2018

In fact, AVG stopped more than 319 million threats to Mac users in 2017. And that number is rising. In the first four months of 2018, we detected more Mac threats than the same period last year.

This article contains:

    Here’s a breakdown of the number of Mac threats we’ve stopped for you data-porn addicts out there:

    Mac threats are increasing year over yearWe’re detecting more Mac threats in 2018 than the same time last year. 

    Remember: "Threats” are more than just viruses

    It’s important to remember that viruses and other forms of malware aren’t the only danger to Mac owners. Email scams, fake websites, leaked passwords, online tracking, and identity theft threaten both Mac and Windows users alike. So when we talk about “Mac threats,” we’re not just talking about viruses.

    So… Should you be worried? Not if you use an antivirus for Mac and a bit of common sense. Also, have a look at the security and privacy tips I’ve rounded up below. They’ll help fortify your Mac against all manner of threats, from viruses and ransomware to criminal hackers and nosy spouses.

    1. A (very short) history of Mac malware

    Here’s a brief trip down memory lane to highlight just 10 examples of Mac malware discovered throughout the years. Famous mac malware

    1982 - Elk Cloner (one of the first known “in-the-wild” viruses for any computer, Elk Cloner was written as a prank by a 15-year-old)

    1987 - nVIR (virus with many variants)

    1995 - Concept (the first macro virus to spread in the wild via Microsoft Word, this was a harmless virus accidentally pre-installed on some CDs released by Microsoft)

    1998 - AutoStart 9805 (worm)

    2004 - Amphimix (a proof-of-concept executable disguised as an .mp3 music file)

    2006 - Leap-A (worm)

    2008 - BadBunny (OpenOffice macro worm)

    2010 - Pinhead-B (Trojan disguised as the iPhoto app)

    2016 - KeRanger (the first Trojan horse ransomware for Mac OS X)

    2017 - Patcher (ransomware that spread via BitTorrent)

    This list is obviously far from exhaustive, but it does prove that viruses and malware affect Macs, too. But don’t panic. The following tips will go a long way to keeping you safe. 

    2. How to stay safe on a Mac — 7 basic tips

    You don’t have to be a computer genius to stay safe on Macs. Here are 7 tips that anyone can do right now.

    Protect your Mac with a password

    Lock down your Mac with a password to prevent nosy friends and family from snooping through your private files. This will also stop thieves from getting to your private files if your Mac is ever stolen.

    To require a password anytime you start up your Mac, just disable the automatic login setting. Here’s how:

    How to disable automatic login on MacDisable automatic login from System Preferences > Users & Groups.

    1. Open the Apple menu

    2. Click System Preferences

    3. Click Users & Groups

    4. Click Login Options

    5. Click the lock and enter your password

    6. Choose Off from the Automatic login dropdown list

    That’s it. The next time anyone starts your Mac, they’ll have to enter your password.

    Need to change your Mac password? Just go here: Apple menu > System Preferences > Security & Privacy.

    How to change your Mac password

    From this menu you can also choose to require your password anytime your Mac goes to sleep, which is a great way to protect yourself if you need a coffee or bathroom break and don’t want to completely shut down your Mac.

    Just be sure to avoid these common password mistakes:

    • Do not ever use “password” as your password

    • Do not ever use your birthday, phone number, or any other easily guessed number

    • Do not ever use your name or your spouse’s, child’s, or pet’s name

    • Do not ever use the same password for more than one account

    Your password should be long and random, and it should never be reused on multiple accounts. See these tips for creating secure passwords.

    Keep your Mac updated

    An outdated version of macOS might contain bugs or security flaws that hackers can exploit to infect your Mac or steal your data. Outdated apps can also expose you to infection. So keeping everything up to date is essential.

    Thankfully, your Mac can help do this for you:

    1. Open the Apple menu from the top-left of your screen

    2. Click System Preferences

    3. Click App Store

    4. Make sure all of your auto-update settings are checked, and you’re good to go

    How to turn on auto-updates for your Mac appsTurn on auto-updates from your App Store preferences.

    At the bare minimum, check “Automatically check for updates” (to be notified when there’s something to update) and “Install system data and security updates” (to automatically install important security updates). But if you’re the type who always forgets or always postpones updates, just check everything under “Automatically check for updates”. It’s safer that way.

    (Note: Apps you’ve installed from outside the Mac App Store may need to be updated manually. Open these apps and look for an “Update” or “Check for updates” button, or search for their updates on the app’s official website.)

    Install only apps you trust

    You wouldn’t let a stranger into your home, so why let an unknown app onto your computer? Stick to trusted apps from official websites or the Mac App Store. And above all, avoid pirated software. Hackers often hide malware in pirated apps (and the keygens used to crack them), so installing a pirated copy is like playing Russian roulette.

    Screenshot of the Mac App StoreApple vets all apps in the Mac App Store for security. 

    Avoid unsafe websites and emails

    The easiest way to avoid landing on dangerous websites and opening infected emails is to use a trusted Mac antivirus. For example, AVG AntiVirus for Mac is a free antivirus that offers real-time protection against malware, unsafe websites, malicious downloads, and infected emails.

    Aside from an antivirus, it’s good to use a bit of common sense and follow these 3 simple rules:

    • Use your browser’s security features

      Modern browsers include privacy and security features to protect you online. Use them. Here’s where you’ll find them:

      Chrome: Preferences > Advanced > Privacy and security

      Firefox: Preferences > Privacy & Security

      Safari: Preferences > Security and Preferences > Privacy

    • Think before you click

      Don’t go click happy. Know where a link will take you before you click it. Just hover your mouse over any link in your browser — but don’t click it. Now look at the bottom of your web browser to see the exact address the link will open.

    How to see where a link will take youHover before you click to see where a link will take you.

    • Only open email attachments you trust

      Don’t recognize the person who emailed you? Then don’t open their attachment. Even if you do know the sender, don’t open their attachment if there’s anything fishy about the email. For example, if you get an email from FedEx about a missed delivery, and you aren’t expecting any packages, then it’s probably not a good idea to open the attachment that claims to be your receipt or tracking code. It’s probably a phishing email.

    Want more tips for staying safe online? See how to spot unsafe websites.

    Secure your webcam and microphone

    Don’t trust the green light. It’s no guarantee that your webcam is on, because hackers can disable webcam lights to secretly spy on you.

    To be absolutely sure that no hacker (or NSA employee) can watch you pick your nose, stick a piece of tape over your webcam. It may look silly, but it does the job. Even the FBI does it.

    Humorous image of how me, my friends, and the NSA see me when I put tape over my webcamWhatever your opinion, tape works.

    But what about your microphone? For external microphones, just unplug them from your Mac. Problem solved.

    Unfortunately, disabling your Mac’s built-in microphone isn’t as easy. Tape isn’t a solution, because it won’t block out all sound. The only fail-safe solution is to open up your Mac and snip the speaker wires, but that’s overkill for most of us. (If you’re being targeted by the NSA, however, snip away!)

    Luckily, your browser settings can help stop websites from hijacking your camera and mic. Here’s where to find them:

    Chrome: Preferences > Advanced > Privacy and security > Content settings > Camera (or Microphone)

    Safari: Preferences > Websites > Camera (or Microphone)

    How to block websites from using your webcam and microphoneMake sure websites can’t use your camera or mic to spy on you.

    You can also set your microphone input volume to zero to mute the microphone. Here’s how:

    1. Open the Apple menu from the top-left of your screen

    2. Click System Preferences

    3. Click Sound

    4. Select the Input tab

    5. Then slide the input volume slider all the way to the left.

    (Note: Sliding your mic’s input volume to zero isn’t a foolproof method, because some clever malware may be able to override your settings. But it will at least stop most apps from picking up your conversations.)

    How to adjust your microphone levels on a MacSet your internal microphone level to zero to mute incoming sounds.

    And, as always, install a good antivirus. An antivirus will help keep spyware off your Mac in the first place.

    Back up your data

    Years of personal photos, emails, documents, and other important information are on your Mac. And you drop it. Or it gets stolen. Or, just maybe, you’re one of the unlucky few to be hit with ransomware, locking you out of your files. However it happens, your data is bye bye.

    Which would you rather do?

    1. Pay a stranger (either a technician or a crook) hundreds of dollars to retrieve the data

    2. Load a backup onto another computer and carry on with your day

    I’m going with B. Having a backup on hand — before disaster strikes — will save you a ton of cash (and headaches) down the line. So be sure to make frequent backups to an external disk, and remove the disk from your Mac when it’s not in use. If the disk is connected when ransomware hits you, it will probably be encrypted, too. So be sure to physically disconnect it when you’re not using it.

    Screenshot of Time Machine, where you can back up your MacYour Mac’s built-in Time Machine makes backups a cinch.

    Your Mac already has the ability to make backups for you. Here’s Apple’s official page on how to back up your Mac using Time Machine, iCloud, and more.

    Use an antivirus (even if it’s free)

    I’m not going to waste my time on this one. Mac malware exists. So grab yourself a Mac antivirus and use it.

    AVG AntiVirus for Mac is completely free and can detect both Mac and Windows malware variants in real-time (to keep you from spreading malware to your Windows-loving friends). It also blocks unsafe downloads and email attachments, and its automatic updates keep you up to date against even the latest threats. 

    AVG AntiVirus for Mac user interfaceAVG AntiVirus for Mac is free and dead simple to use.

    3. How to stay even safer — 3 advanced tips

    So... You’ve applied the above safety tips, and things are looking oh-so-safer. But why stop there? Here are 3 advanced tips for protecting you and your privacy even further. 

    Encrypt your entire Mac

    Use your Mac’s built-in FileVault to securely encrypt your entire hard drive. According to Apple, “FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your startup disk.” In other words, FileVault scrambles your hard disk so that only you (with the password) can access any data on it. It’s available for free in OS X Lion and later. Here’s how to set it up:

    1. Open the Apple menu > System Preferences > Security & Privacy

    2. Click the FileVault tab

    3. Click the padlock, then enter an administrator name and password

    4. Click Turn On FileVault

    Boom! You’re done. Your hard drive will be encrypted, and anyone who starts up your Mac will need your password to continue.

    (Note: It may take some time to fully encrypt your Mac. According to Apple, “Encryption occurs in the background as you use your Mac, and only while your Mac is awake and plugged in to AC power.”)

    Learn more about FileVault on the Apple support page.

    Password-protect iWork docs, Microsoft Office docs, and PDFs

    Don’t trust the people in your house? Here’s how to add a password to private documents to prevent anyone but you from opening them.

    How to password-protect iWork documents

    iWork, Apple’s version of Microsoft Office, comes stock with any Mac. And it allows you to password-protect any Pages, Keynote, or Numbers file in a few simple steps:

    1. Open the iWorks file you want to protect

    2. Click File > Password

    3. Enter a password and then Verify it

    4. (optional) To help you remember the password, enter a Password Hint

    5. Finally, click Set Password

    The next time anyone tries to open that document, they’ll need to enter your password.

    How to password-protect Microsoft Word documents

    Working on the next great American novel, and don’t want others to read it? Here’s what you can do about it:

    1. Open the Word doc you want to protect

    2. Click the Review tab

    3. Click Protect Document

    4. On the Password Protect screen, enter a Password under Set a password to open this document. (You can even require a Password to modify the Word document)

    5. Finally, click OK

    The next time anyone tries to open that Word doc, they’ll need to enter your password.

    To remove the password, open your Word doc and go to Review > Protect Document. Delete the passwords on the Password Protect screen and click OK. 

    How to password-protect a Word document on your MacAdding a password to your Microsoft Word doc is easy. 

    How to password-protect Microsoft Excel documents

    Adding a password to a Excel document differs a bit from adding one to a Word doc, but it’s still easy. Here’s how to do it:

    1. Open the Excel doc you want to protect

    2. On the menu bar, go to File > Passwords

    3. On the File Passwords screen, enter a password in the Password to open box. (You can even require a Password to modify the Excel document)

    4. Finally, click OK

    The next time anyone tries to open that Excel doc, they’ll need to enter your password.

    To remove the password, open your Excel doc, go to File > Passwords, and delete the password on the File Passwords screen. 

    How to password-protect an Excel file on your MacMicrosoft Excel also allows you to password-protect documents. 

    How to password-protect Microsoft PowerPoint documents

    Your business PowerPoint presentations can often contain a lot of sensitive information, so it’s best to lock them down to keep them out of the wrong hands. Here’s how to do it:

    1. Open the PowerPoint presentation you want to protect

    2. On the menu bar, go to File > Passwords

    3. Under Password to open, check the Encrypt this presentation and require a password to open box

    4. On the Set a password for this presentation , enter a New password and then Verify the password

    5. Click Set Password

    6. Finally, click OK

    The next time anyone tries to open that PowerPoint presentation, they’ll need to enter your password.

    To remove the password, open your PowerPoint presentation, go to File > Passwords, and uncheck the Encrypt this presentation and require a password to open box. 

    How to password-protect a PowerPoint presentation on your MacYour Microsoft PowerPoint presentations can also be password protected. 

    How to password-protect PDFs

    Mac owners can password-protect any PDF right out of the box. No 3rd-party app is needed, thanks to Preview. Here’s how to use Preview to password-protect your PDFs:

    1. Open the PDF file you want to protect in Preview

    2. Open the File menu and then press the Option key, which will change the Duplicate menu option into Save As

    3. Select Save As

    4. Check the Encrypt box towards the bottom of the Save screen

    5. Enter a Password and then Verify it

    6. Click Save

    The next time anyone tries to open that PDF, they’ll need to enter your password.

    (Note: This will only work for PDFs. Preview does not support password-protecting images.)

    To remove the password from the PDF, just open the PDF and enter your password. Press the Option key to access Save As in the File menu as mentioned above, and then uncheck the Encrypt option. Save the PDF with a new name, and then delete the original, password-protected file.

    Use a password manager

    It’s not uncommon for someone to have dozens of online accounts. Email, Facebook, Twitter, banking, food delivery, airline services, and on and on. And for every account, you need a password.

    If you’re using the same password for all your accounts, you’re just asking to be hacked. (If a crook manages to get your password for one account, he’ll have it for all your others, too.) And if you rely on your web browser to remember your passwords for you, you’re also putting your passwords at risk. Passwords can be stolen from browsers, and anyone who is at your computer can use your browser to log in to any of your accounts.

    A password manager hides all of your passwords behind a single master password, so only you can access your accounts. It also helps you sort out the password madness by remembering every single password for you, and can automatically log you in to your accounts when you need to. A good password manager will even offer to create unique, random passwords for each of your accounts.

    Three recommended password managers for Mac are Avast Passwords (free and paid versions available), 1Password (annual subscription), and LastPass (annual subscription). 

    Avast Passwords for Mac user interfaceAvast Passwords is a free, reliable password manager for Mac.

    4. How to protect your Mac in public

    Whether you’re working in a cafe, park, or plane, here are a few tips to protect your privacy and prevent your Macbook from being snatched.

    Turn on Find My Mac

    Do this even if you never take your Mac outside your home, because if your Mac is ever stolen, Find My Mac is what you’ll use to find it — and remotely lock (or wipe) it so the thieves can’t use it. 

    Use Find My Mac to locate your lost MacFind My Mac (icloud.com/find) helps you track down a lost or stolen Mac.

    First, enable Location Services. Go to Apple > System Preferences > Security & Privacy. Select the Privacy tab and then Location Services. Click the padlock at the bottom of the screen and enter your password to be able to change your settings. Now check the Enable Location Services box. Finally, click the padlock again to lock your settings and prevent further changes. 

    How to enable Location Services on your MacTurn on Location Services from System Preferences > Security & Privacy.

    Once you’ve turned on Location Services, return to System Preferences and click iCloud. Check the Find My Mac box at the bottom of the list, and then click Allow when prompted.

    How to turn on Find My Mac Turn on Find My Mac to be able to track your Mac if it ever goes missing.

    Finally, be sure the Guest User account is enabled. It may seem counter-intuitive to allow a thief to use your Mac, but remember: Your Mac needs to access the Internet for Find My Mac to work. Giving the thief access to a sealed off Guest User account allows him to reveal his location without getting to your private data.

    To enable the Guest User account, go to Apple > System Preferences > Users & Groups. Click the padlock at the bottom of the screen and enter your password to be able to change your settings. Click Guest User, and then check Allow guests to log in to this computer. Click the padlock again to prevent further changes.

    20-users-and-groups-minTurn on Guest User to set a trap for thieves.

    Now that Find My Mac is on, if your Mac ever goes missing, simply use another computer (or smartphone) and go to icloud.com/find. From there, you’ll be able to do the following:

    • Find your Mac on a map — See your Mac’s approximate location when it’s connected to Wi-Fi

    • Play a sound on your Mac — If your Mac is somewhere close by, you can play a sound to help find it

    • Lock your Mac — If you can’t find your Mac, you can remotely lock it with a code to prevent others from using it

    • Erase your Mac — Remotely wipe the entire contents of your Mac and lock it with a code to prevent others from using it. (Warning! This can’t be undone, so only erase your Mac if you’re absolutely sure it’s gone for good. Once you’ve erased it, you won’t be able to use Find My Mac to locate it or play a sound on it.)

    What if your Mac is shut down or offline when you try to use Find My Mac? No worries, your action will take place the next time your Mac comes online.

    Learn more about Find My Mac from the Apple support page.

    Use a VPN (virtual private network)

    If you plan to use public Wi-Fi, you need a VPN. A VPN will encrypt your entire Internet connection to prevent anyone else from eavesdropping on what you do online. In a nutshell, a VPN will:

    • Protect your online privacy — Prevent governments, hackers, and ISPs from seeing what you do online

    • Secure your data — All data going in and out your Mac is encrypted so no one can read it

    • Unblock geo-restricted websites — Want to catch an episode of your favorite TV show while abroad? A VPN can disguise your location, so you can access content from anywhere in the world

    AVG Secure VPN for Mac user interfaceFlip the switch and go. AVG Secure VPN makes online privacy a breeze.

    For an in-depth look at what a VPN can do for you, check out our Ultimate Guide to Virtual Private Networks. Or just grab a free trial of AVG Secure VPN for Mac and see for yourself:

    Get a computer lock (yes, a real lock)

    A quick trip to the bathroom — or a refill on your coffee — is more than enough time for someone to make off with your MacBook. If there’s no one you trust to keep an eye on your computer while you leave the table, then you should consider getting a cable lock.

    A cable lock does the same job as a bicycle lock: it securely anchors your MacBook to a table or other immovable object so no one can run off with it. It’s not always 100% effective — with the proper tools, thieves can cut through just about anything — but it could stall a crook long enough for you or someone else to intervene.

    A cable lock for MacBooks can prevent theftA cable lock can help stop snatch-and-run theft.

    Not all MacBooks are the same, though, so be sure the lock you buy works with your Mac. 2014 and older MacBooks should have a standard Kensington lock slot. Newer MacBooks will need a dock or other attachment method.

    Amazon offers a variety of locks for Macs, or you can always google “cable lock for Mac”. Just be sure to get something with a cut-resistant cable, and read the user reviews before you buy.

    Use a screen filter

    Not comfortable with the person next to you looking at your screen? Slap on a screen filter for privacy. If you’ve ever used an ATM, you’re probably familiar with how these work. Only someone directly in front of the screen will be able to see what’s going on. Anyone looking from an angle won’t be able to see anything. 

    A screen filter for MacBooks can protect your privacyOn the bus? Continue writing your kinky blog in private with a screen filter.

    Screen filters come in all sizes, and they even make them for iMacs. Check Amazon for the best screen filter for your Mac. And again, read the reviews before buying.

    MAC

    Protect your Android against threats with AVG AntiVirus

    Free install

    Protect your iPhone against threats with AVG Mobile Security

    Free install
    Malware
    Security
    Clayton Weeks
    14-06-2018