Trojans or More Nonsense?

Discussion in 'Mac Basics and Help' started by Christine1234, Nov 3, 2011.

  1. Christine1234 macrumors regular

    Christine1234

    Joined:
    Mar 2, 2011
    Location:
    Flagstaff, AZ
    #1
    I've been waiting for someone to send me some very important information. This morning I received an e-mail from her. It contained only a link. I know better than to click on links in e-mails, but didn't want to fail to receive the info. I cut and pasted the link into the URL bar and it immediately started running something from Windows saying I had 3 trojans and was testing the computer. It wouldn't let me out so I did a force quit, then rebooted. I'm running Tiger (10.4.9) on a G4 eMac. The URL was alphamind.maxhansen.net/testblog/wp-content/plugins/invite.php, and I thought it might be from an attorney or just a new age web site belonging to her that she was using.

    Anything to worry about, or is it just more annoying advertising nonsense?
     
  2. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #2
    Nothing to worry about, it was a scam aimed at Windows users, apparent via the Windows graphics you saw.


    As you can see from this screenshot:
    [​IMG]
    it is meant to show the Windows Explorer, and Mac OS X does not like like this.
    The purpose of such ads, is to scare users into downloading some kind of software to remove some threats, which were never there to begin with, but by installing that downloaded software, the user installs spyware or some form of trojan or some other kind of malware.
     
  3. Christine1234 thread starter macrumors regular

    Christine1234

    Joined:
    Mar 2, 2011
    Location:
    Flagstaff, AZ
  4. stev3n macrumors 6502

    Joined:
    Feb 9, 2010
    #4
    I was on a website and one of those windows scam websites popped up and downloaded an executable file onto my Mac. I'm glad I don't use a pc.
     
  5. Christine1234 thread starter macrumors regular

    Christine1234

    Joined:
    Mar 2, 2011
    Location:
    Flagstaff, AZ
    #5
    Fortunately, you're using a Mac. :)

    I didn't put a password on the computer since there's no one else around to get into it. There are threads saying that you have to give them your password in order for the malware to activate. Since I don't have a password on the computer itself, will this matter? And if it does, how can I add one?

    I'm not too computer savvy. Thanks for the help!
     
  6. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #6
    Go to System Preferences -> Accounts

    Click on your name in the account listing and then change the password. It doesn't have to be a complicated password. From what I've read, and surprisingly - a simple word with a few numbers tacked onto the end is often more difficult to "crack" than some complicated looking passwords that substitute numbers for letters. Bell vs B3ll. A better password would be Bell123.
    Good Luck.
     
  7. stev3n macrumors 6502

    Joined:
    Feb 9, 2010
    #7
    In order for malware/trojans to "install/run" on your Mac, you need to type your administrator password. Even if you did not create a password (you just hit return when prompted for administrator password) you would still need to push enter when prompted by the malicious program. Apple recommends that passwords for administrator accounts should not be blank. Mac OS X: Changing or resetting an account password
     
  8. Christine1234 thread starter macrumors regular

    Christine1234

    Joined:
    Mar 2, 2011
    Location:
    Flagstaff, AZ
    #8
    I just followed your instructions and put a password on it.

    Thanks!
     
  9. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #9
    Yeah!!!

    There is one more thing you can do, if you want just a bit more piece of mind. You've already done the most important bit, and you can stop there, but this just finishes the job.

    I'm also a single user system, but I have two accounts set up.

    The one I use daily is a "Standard" account. It has no administrative privileges. I also have an Administrative account I call "Trouble". It is set to Administer the computer.

    On a daily basis I am in my Standard account. Several times a day I do something that requires administer privileges, and it pops up a little box that asks me to "authenticate" myself. At first it might seem like a bit of a pain, but I figure it gives me two protections.

    1) Just in case I ever do download a working malware it will only inherit non-admin privileges, it won't be able to do anything serious without 1st asking for authentication - which would alert me that there is something happening that shouldn't be. This is a rare scenario though, and not the main reason I don't run as an admin...

    2) As you get to know OS X it gets tempting to fiddle with the system, and fiddling with the system can cause "issues" if you don't do it correctly. A Standard user is limited to how much damage they can do, and the "Authentication" dialogue is a reminder to myself that I am walking on thin-ice, to be careful, to have a backup, to not get distracted, etc etc It's like having a string on your finger to remind yourself of something. The string doesn't do the 'remembering' - it merely tells that there is something to be 'remembered'. The same way that the needing to type the admin user and password reminds me to be careful.

    Hope this helps.
     
  10. Christine1234 thread starter macrumors regular

    Christine1234

    Joined:
    Mar 2, 2011
    Location:
    Flagstaff, AZ
    #10
    Will do, thanks. There have been times when it's asked for an Administrator password while I was looking around in the system preferences to see what was there.

    I think I'll name it Back Off! as a warning not to do anything I'll regret.
     

Share This Page