~BD~ <~BD~@nomail.afraid.com> wrote in
news:b7KdnXm8x-dVbkPQnZ2dnUVZ8s2dnZ2d@bt.com:

> David H. Lipman wrote:
> <snip>
>> ====
>> This entry is available at
>> http://www.us-cert.gov/current/index...fender_macprot
>> ector_and
>
>
> The user searches for something on the web and clicks on a link.
> Sometimes the bad link is part of a comment left at a news site.
>
> The page pops up various screens and graphics to make it appear as
> if the web page has detected a virus on your Mac. It is all fake.
>
> If you click on anything on that page, including the cancel button,
> a you will download the malicious “Mac Defender” installer.
>
> If you have “Open Safe Files After Downloading” then the installer
> will launch and run.
>
> At this point the installer asks for the admin password, to get
> permission to install. The Mac Guard variant doesn’t ask for a
> password, but still asks for permission to install.
>
> If the user gives the password, it installs and infects the Mac.
>
> Fake virus scanning screens appear and declare that the Mac is
> infected with a virus, a credit card number is requested so that the
> Mac can be cleaned.
>
> http://macmost.com/mac-defender-trojan-malware.html

It's the same social engineering principle commonly used on Windows
systems. Evidently Mac users are just as gullable. [g]




--
Why drink the water from my hand?
Contagious as you think I am
Just tilt my sun towards your domain
Your cup runneth over again