Phished on a mac

Discussion in 'Mac Basics and Help' started by ndriver182, Aug 10, 2011.

  1. ndriver182 macrumors 6502a

    Jun 26, 2007
    I know this isn't an online security forum, but I was hoping that the Mac community could help me out on this one.

    Tonight I got an email from Facebook from somebody who supposedly wanted to be friends who was local. It seemed legit, but I was still leary. I went to the profile page and I was going to send the person a message prior to adding them. In retrospect I broke the golden rule to not click links in emails from unknown sources. I looked at the email headers and it looked pretty normal. Unfortunately things aren't normal.

    Shortly after visiting what I thought was the persons facebook page my wifi signal went out. I tried to reconnect and it would just time out. However, the network would still show up. Then it would ask for my router password but it would never work. I woke up my Mac mini from sleep and it also wouldn't connect. At this point I knew for sure there was an issue. I ran downstairs and disconnected power from the router.

    Clearly something got in and changed the password. I am writing from my iPhone on 3G. I changed the password on my appleid, credit card online banking site, Facebook account, and email. My plan in the morning is to do a hard reset on the router with the modem unplugged and change the wireless network name and wpa password.

    Here's the question. Is there any possibility that my MacBook air or mac mini could have been infected with something? I only accessed that fake link from the MacBook air. None of the other computers in the house were turned on tonight besides those two when all this happened. Both my air and mini are running lion. If the air has been compromised I can probably just do a refresh install of lion from the online recovery then restore via time machine backup from a couple days ago (it actually hasn't been online for about 2 days now so it's safe).

    Any thoughts or advice?
  2. GGJstudios macrumors Westmere


    May 16, 2008
    It's extremely unlikely that "something got in" or that your Mac is infected in any way. You can't infect your Mac simply by clicking on a website or a link in an email message. The only Mac OS X malware in the wild requires that you actively install something, usually entering your admin password. As long as you didn't do this, you're not infected.

    Try resetting your router and create a new WPA2 password. Make sure it's a complex password, using upper and lower case, numbers and special characters. Also check your DNS server settings and make sure they're OK. For more information on the DNS settings, read the section "Why am I being redirected to other sites?" in the link below.

    No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
  3. ndriver182 thread starter macrumors 6502a

    Jun 26, 2007
    No, it didn't ask for my admin password. That would've been a massive red flag. That being said I still changed the admin password on my air and mini as I hadn't seen your post yet. I do feel better, but definitely like a bonehead regardless that I fell for it.

    I will tackle the router in the morning and will definitely be sure to follow the guidelines you mentioned above.

Share This Page