Email and Download Hygiene Tips
To this point, Mac OS X has been immune from the various worms and viruses that have hit the Windows world so hard, a fact that has finally been noticed by some of the mainstream press. Unfortunately, this may result in the bozos who write this stuff also taking more of an interest in our platform. By default and by design, Mac OS X is less subject to some of the exploits used to subvert PCs, but there are a few things you can do to avoid being the victim of any attempts that might be made:
- If you use the Mac OS X Mail application, turn OFF the preference to display images and embedded objects in HTML messages in its Viewing preference tab. You’ll have to manually display legitimate embedded pictures, but you’ll be safe from attempts to include nasty scripts in messages and protected from spammers who include specially encoded image links which, when viewed even briefly, will verify your email address and result in you getting even more junk mail.
- Be very careful about running unknown applications. Our biggest threat is from so-called “trojan horse” applications that pretend to do something useful but contain hidden malicious code. If someone you don’t know sends you an application as an attachment, throw it right in the trash. If you want someone else to try out an application you like, then send them a link to the original source so they can download an original known-good copy. If you like to experiment with interesting new applications you hear about on the net, then do it from a non-administrative Mac OS X account, easily created via the Account preference pane. If an application requests authentication (an administrative account and password) and you aren’t sure why, then don’t permit it and ask the author why they need it. Without administrative access it is essentially impossible for an application to cause problems for anyone but the current user.
- PLEASE DO NOT FORWARD CHAIN EMAIL! Any message that asks you to send a copy to everyone you know should be considered junk and trashed immediately, no matter who sent it or the supposed good intent. Legitimate companies do not use chain letters to disseminate information, charities cannot get money from each copy you send, and if you really want to spread happiness and good will, then just say something nice to each person you meet that day. You’ll feel a lot better and we’ll all get less junk mail.
- Use BCC (blind carbon copy) for group messages. If you have a legitimate need to send a message to a group of people who don’t necessarily know each other, please do not simply enter all of the addresses in the TO or CC fields of your message and hit the Send button. Protect everyone’s privacy by putting just your address in the TO field and the others in the BCC field (which must be enabled via the View menu in Apple’s Mail program).
- DON’T TRUST EVERYTHING YOU READ! Any message claiming doom, gloom, criminal punishment and perpetual bad breath if you don’t immediately click on a link and enter sensitive personal and/or financial information is almost certainly a fake, even if it appears to come from a legitimate source. It is trivially easy to specify a fake “from” address or hide the true destination of a web address while making it appear to point to a legitimate company. If the message claims your bank or ISP wants you to “verify your account info”, then ignore the link provided in the message, point your web browser at the institution’s home page and check yourself or, better yet, call their telephone support number and ask directly.
- Consider turning ON the standard Mac OS X firewall (Sharing preference pane, Firewall tab), especially if you have high-speed Internet access. This will protect you from idiots who might try to attack unprotected services on your machine. One complication of this is that you’ll have to add exceptions to the firewall port list for special applications that you want to get through the firewall (iChat and iTunes music sharing, for example).
- Turn OFF any services you don’t need in the Sharing preference pane’s Services tab. By default Apple turns OFF all of these services anyway, so if you haven’t touched them you should be OK. If you need file sharing to transfer files between your own networked machines and you have high-speed Net access, then consider buying a wired or wireless router, which will prevent anyone else from getting into your local network. They are cheap now (wireless routers can be had for $40!) and add another layer of protection.
Follow these rules and hopefully we’ll all be safe from the script kiddies and other nitwits if they do turn their attention to the Mac.
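
The following Python script is an added example, not part of the original article. It scans an HTML message for two tricks described in the tips above: links whose visible text names one host while the underlying address points at another, and remote images that are fetched from a server as soon as the message is displayed. The sample message, the function names and every *.example host are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample message; every *.example name is a placeholder.
SAMPLE = """\
From: "Your Bank" <support@bank.example>
Subject: Verify your account info
Content-Type: text/html; charset="utf-8"

<p>Go to <a href="http://login.unrelated.example/verify">https://www.bank.example/login</a></p>
<p><a href="https://www.bank.example/help">Help centre</a></p>
<img src="http://img.tracker.example/open.gif?id=constructed-token" width="1" height="1">
"""
# A hostname written out in the visible link text, with or without a scheme.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class LinkAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self._href, self._text = attrs.get("href") or "", []
        elif tag == "img":
            src = urlsplit(attrs.get("src") or "")
            if src.scheme in ("http", "https"):  # fetched from a server when displayed
                self.findings.append(("remote-image", src.hostname))

    def handle_data(self, data):
        if self._href is not None:  # only collect text that sits inside a link
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            shown = HOST_IN_TEXT.search("".join(self._text))
            real = (urlsplit(self._href).hostname or "").lower()
            if shown and shown.group(1).lower() != real:
                self.findings.append(("link-mismatch", shown.group(1).lower(), real))
            self._href = None

def audit(raw_message):
    auditor = LinkAudit()
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            auditor.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    return auditor.findings
```

Hosts are compared exactly, so a link that shows `bank.example` but points at `www.bank.example` is also reported and needs a human look. Links whose text contains no hostname, such as "Help centre", are not flagged.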