The widely publicized Mac trojan OSX.RSPlug.A is the most recent piece of malware to target the Mac platform, and considering that there a lot of new Mac users out there it’s time everyone understood just how to protect themselves from these kinds of threats.
Brush up on your literature
First of all, you must understand exactly what sort of threat you are dealing with in OSX.RSPlug.A and its kin. The bug does not actually find its way into a computer through a back door or security hole, but rather through social engineering. Trojans are named after the Trojan Horse from classical literature. It has been told that the Greek army defeated the Trojans by hiding inside a hollow wooden horse that appeared to be a gift. When the Trojans brought the horse inside their gates, the Greek army emerged and claimed victory.
In computer terms, a trojan is a malicious piece of software that makes its way into your system through deceit and trickery. In the case of OSX.RSPlug.A, the host website detects that a Mac user is visiting, and tells him that he must agree to install a certain “codec” before he can view the video he requested. When he clicks the OK button and supplies his system’s administrator password, OSX.RSPlug.A is able to install itself and make malicious changes to his computer’s system files. The trojan has not forced itself into the system, but rather tricked the user into opening the front door.
Plain and simple, be a skeptic
The only way to avoid trojans is to be a skeptic. If you are going to blindly click any button or alert that appears on your screen, you are in for a world of digital hurt. When you click “OK” and enter your password at the request of a website or e-mail, you have given someone else permission to modify your computer. In order to keep the marauders outside your gates, you must be critical enough to spot a threat when it presents itself.
Whenever you are asked to give a program, website, e-mail, IM, or any other party permission to continue, make it your business find out to the best of your ability exactly what will happen after you click that “OK” button. Don’t panic - read what is on your screen, and look for red flags. Here is a list of things that should make you think twice:
- You did not request anything to be installed in the first place.
- The software is from an unknown company.
- The message is written in broken English, or has spelling and/or grammar mistakes.
- The message contains exaggerated punctuation such as multiple exclamation marks, meant to fool you into a sense of urgency.
- The message is in a foreign language.
- The software claims to solve a problem that doesn’t exist. Why do you need to install a strange video codec when you have never had trouble watching videos online until now?
- The software/message makes promises that sound too good to be true.
- The message contains ridiculous, flashing, seizure-inducing animations.
Anti-virus software is your back-up defense. No matter how good you think your anti-virus software is, or how much you paid for it, your first line of defense against any threat must be your own critical thinking ability.
