You may have seen some headlines today about a New Java Trojan that attacks Macs. It turns out that it also attacks Windows and Linux users as well. The Trojan pretends to be a video on Facebook. A user gets a message asking “is this you in this video” with a link. Upon clicking the link the user is prompted to install software. At this point an educated user should suspect that there is something wrong. It is not usual to need to install software to view a video. An educated user would abort and avoid infection.
Computers are made to run programs and have no idea which programs are good and which programs are bad. OS X, Windows, and Linux all have security mechanisms in place, but a user can always override security mechanisms.
Look at it this way. Your Mac is a fast shiny high performance sports car. Your security software represents things like seatbelts, crumple zones, brakes, and other safety equipment. You are the driver and you still must watch out for other traffic. When the traffic ahead of you stops, you have to hit the brakes. When the road curves you have to turn the steering wheel. Accidents will happen and that is when your security software attempts to protect you, but seatbelts don’t prevent all injuries. It is always best to avoid the accident in the first place. In this case avoiding the Trojan doesn’t take a lot of skill or knowledge.
It doesn’t matter if you have a Mac, Windows, or Linux computer, you will be attacked by cybercriminals and it is your good judgment that will afford you the most protection. Education is the equalizer in the fight against malicious software and cybercrime. The more you learn about safe Internet behaviors the better protected you will be. Your computer is the vehicle, don’t drive it into a brick wall.
Director of Technical Education
Author ESET Research, ESET