Network News

X My Profile
View More Activity

Scareware Program Targets Mac Users

The same tried-and-true social engineering tactics traditionally wielded against Windows users to frighten people into buying bogus security software are now being employed to target Mac users. Security experts say the curators of warn visitors that their machine is full of threats to the user's privacy, and that he or she needs to pay for a $39.99 software license to remove the bogus threats.

Anti-virus maker F-Secure says the MacSweeper site, which is based in Ukraine, has all the features of a scareware scam, including a company boilerplate message lifted entirely from Symantec's corporate Web site. The MacSweeper home page is riddled with grammar and spelling mistakes. Take this gem:

"The imbibed set of features locates all the junk and useless data on your computer and deletes them to reclaim the wasted space. It also removes all the unwanted references stored on your computer and makes it run like a new Mac."

A quick search on the support forum at suggests that some Mac users have been driven to the MacSweeper site by ads that redirect visitors to the company's homepage.

Regardless of which operating system you use, here's a good rule of thumb for applications: If you didn't go looking for it, don't install it. Never install anything that uses these types of scare tactics. And try to do as much basic research on a program as you can before installing it.

By Brian Krebs  |  January 15, 2008; 1:50 PM ET
Categories:  Fraud , Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Safeguarding Your Passwords
Next: Targeted Attacks Use Unpatched Excel Flaw


But, but, but, Steve Jobs is the messiah and Mac users are just too smart for this!


F-Secure makes an important point:

"So what does the first Mac rogue application really mean? It means that with Mac's growing popularity and growing user base comes certain problems that can't be ignored. Mac users will increasingly come under attack from bad guys and this new rogue application and the constant stream of new variants of DNSChanger is proof of that. It doesn't mean that Mac is becoming less secure in and of itself. But it does mean that Mac users will have to watch out for social engineering tricks just like Windows users have had to do for years."

Bottomline: defense in depth (Google it) :P

Posted by: TJ | January 15, 2008 2:27 PM | Report abuse

From the F-Secure link:

"Today I spoke with a journalist about MacSweeper and he said something that stuck in my mind.

"I visited the website.
I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."

Now that's something you don't hear everyday!"


Speaking of Apple, they just released QuickTime 7.4 with security updates.

Yet it does not appear to resolve a critical vulnerability reported last week.

Posted by: Tim | January 15, 2008 11:58 PM | Report abuse

One of the beauties of a UNIX system is that they, like us Linux users, still don't have to fear that the program will install itself on its own like often happens with Windows. Of course, the people making this site know that social engineering almost always works. Users are the weakest part of any security system. "I just wanted to see the e-card some random person sent me!" and "I just wanted to play poker!" are common ones. Hopefully, users should be smart enough to notice that they are being prompted for their passwords, meaning something administrative is being done...meaning that e-card is doing something it shouldn't be doing. Trojans like this make asking for the password seem perfectly reasonable, unfortunately. I quite like the repository system. I can be reasonably certain nothing in Debian's (or Ubuntu's) repository is out to get me. Yes, that requires trusting the package maintainers, but given Debian's longstanding reputation for strong stability and security, I'm willing to go for that.

Posted by: Mackenzie | January 16, 2008 1:13 AM | Report abuse

A Deeper Look On MacSweeper, with developer comments:

Posted by: AngelO. | January 21, 2008 2:16 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company