Macs can't get viruses, right?
Or so the common wisdom goes, but recent developments in the world of cybersecurity have revealed that macOS devices might not be as secure as you think. From using weak and common passwords to falling for phishing scams, there are countless risks users face on a daily basis.
In 2019 Apple made changes to its notarization process. The tech giant announced that each new macOS app would need to be reviewed by Apple and given the go-ahead by a company developer before it could run on macOS, even if the app was to be distributed outside of the official Apple app stores.
These changes seem stringent and in line with Apple's reputation for proactive cybersecurity measures. But it came to light that despite the company's robust review process, Apple approved malware. The malicious code, a well-known trojan threat, was hidden within an Adobe Flash Player update.
The result was plenty of users being bombarded with a heavy influx of pesky adware.
While this incident might have brought mass attention to Mac devices' potential security pitfalls, it is not the only threat we know about.
As far back as 2012, cross-platform malware (malicious software that targets both Mac and PC operating systems) was discovered. The vector was the popular program, Java. It seems the threat level to Mac users has only increased since. In fact, Malwarebytes' 2020 State of Malware Report noted: "And for the first time ever, Macs outpaced Windows PCs in number of threats detected per endpoint."
The vast majority of macOS security threats consist of potentially unwanted programs (PUPs) and adware. While these might seem relatively tame in terms of danger, these vectors carry a greater threat level than you may expect.
According to the highly respected cybersecurity researcher Thomas Reed, adware and PUPs are sometimes more harmful than actual malware. These programs can decrypt network traffic, change system settings, and intercept into the systems making it difficult to eradicate completely.
Other security reports have variously highlighted the insidious nature of macOS threats and how the nature of adware and malware are merging. With one researcher going as far as to say that the lines between the two threats are increasingly blurred.
So why does it concern the average Mac user?
In short, the heady days of taking macOS security for granted are over. Now, Mac users need to take additional steps to secure their devices, both handheld and desktop versions.
Securing Your Mac Devices
Here's are our top security tips for Mac users in 2022 and beyond:
1. Use a Virtual Private Network whenever you are online
Downloading a VPN for your Mac is one of the very best ways to up your device's cybersecurity defenses. When you browse the internet or carry our work tasks with a Virtual Private Network enabled, you ensure two key things:
- Your internet activity is shielded from any prying eyes (aka threat actors)
- Any data that you send is fully encrypted
Some Mac users may already have a VPN for entertainment reasons, to skirt geo-blocking restrictions, for example. But VPNs are now considered essential cybersecurity tools in their own right. To get the best protection possible, keep your VPN on whenever you are online.
You can even set the software to launch on start-up so you don't need to remember to switch it on.
2. Keep all apps and your macOS updated
As we saw for the security threat examples above, Apple might be proactive when it comes to security, but that does not rule out a rising number of threats. Plus, if Mac users fail to keep their apps and macOS updated, they set themselves up for a security breach.
Tech companies release app updates and new versions of operating systems (OS) for a number of reasons, including to patch any known security flaws and vulnerabilities. Using outdated app versions and OSs is a recipe for disaster, you can think of it as akin to leaving the house but keeping your keys in the front door.
Mitigating the risk here is easy: keep all apps and your macOS updated to the latest versions.
3. Don't go rogue when it comes to apps
When you download new apps for your macOS devices, make sure they come from the official channels: the Apple App Store and the Mac App Store.
Fraudulent apps are a worrying trend and Mac users are also at risk. Although malware may still be in apps downloaded from the official app stores, there is less risk involved than if you download apps from unvetted sources.
It might sound uncommon, but fake apps are a well-known and persistent threat. A 2019 report from security firm Trend Micro noted hundreds of fake apps designed for both iOS and Android devices.
4. Watch out for phishers
Phishing is one of the most enduring cyber threats and it affects both Mac and PC users equally. In phishing attempts, threat actors leverage human psychology to obtain access to a user's device, implant malware, or steal personally identifiable data.
One common target is Apple IDs. These are easily sold by cybercriminals to other cybercriminals for profit.
To prevent yourself from being deceived by a phishing attempt, make sure you're aware of the tactics scammers use. Avoid clicking on links that arrive unrequested in your email inbox or your iPhone's iMessage app.
If you think an outreach attempt might be valid, but you're not sure, look out for these warning signs:
- A sense of urgency, for example, "act now to fix the error"
- Poor grammar and spelling
- Logos and branding that don't quite match the real company's own
- An email address that doesn't look valid
- Messages or emails that ask you to log in to your account
5. Use Apple's macOS encryption tool
A little-known macOS feature, but one that's incredibly useful, is Apple's FileVault encryption tool. It offers full-disk encryption to keep your information safe and sound. An added bonus is the ability to use FileVault to delete your data via Find My Mac if your computer is stolen or lost.
Here's how to turn on FileVault:
- Go to System Preferences
- Click Security & Privacy
- Unlock the preference panel on the lockpad icon
- Enter your admin credentials
- Click FileVault
- Click Turn On FileVault
Don't take your Mac device's security for granted. Instead, take steps to ensure your computer, phone, and data are kept safe from the rising number of iOS and macOS threats.
Special Content
