How to protect your Mac from malware | Cult of Mac

How to protect your Mac from malware


dead MacBook hack
Worried about malware? Do something about it.
Photo: Ste Smith

Over the past few weeks a new Mac malware called OSX/Dok has been all over the news. The Trojan horse accessed user’s Macs through email phishing. Once opened, it prevented users from doing anything on their Mac until they installed a bogus software update.

Malware attacks have been skyrocketing as of late, which means it’s more important than ever to be aware.

In today’s video, I’m going to show you 4 ways to help keep your Mac safe from malware.

Gatekeeper and firewall

Firstly, you should check your security settings as they manage Gatekeeper. Gatekeeper is a built-in security measure that blocks any software from being installed or opened if it hasn’t been digitally signed and approved by Apple. You may have come across this if you’ve ever tried to install an app that you’ve downloaded outside of the App Store.

To check your settings, head over to System Preferences and then Security & Privacy and make sure you’re on the General tab. At the bottom, you’ll see the ‘Apps Downloaded From’ section. Make sure you’ve got the ‘App Store and Identified Developers’ option checked.

This means that you can only install apps that have been approved and are known to be safe by Apple. Plus, you’re still able to install many apps from outside of the App Store.

If you need to bypass this, to install an app that you trust you can hold down Ctrl and click on the dmg. file and then choose open. You can then install an app that isn’t approved by Apple. Just make sure to be careful when doing this.

On top of blocking suspicious apps, Gatekeeper also blocks vulnerable Safari plug-ins like Flash or Java to help keep your Mac safe, stores malware definitions in its XProtect file, and features anti-phishing technology in Safari. If you find yourself on a fraudulent website, it will immediately alter you and disable the page.

As well as Gatekeeper, it’s best to make sure your firewall is on. It protects from unwanted incoming connections from the internet and other computers on the same network. To do so, head into system preferences and Security and privacy. Click the firewall tab and make sure that the button is set to on.

Stay vigilant

My second tip is to stay vigilant. Avoiding malware can be common sense for a majority of the time. But unfortunately malware is getting smarter and more convincing.

For example, OSX/Dok is a trojan horse that has been able to bypass macOS’s gatekeeper by accessing a genuine developer’s account and gaining a certificate, therefore tricking Gatekeeper into believing it was genuine. It then targeted users through email phishing.

Avoid responding to emails that ask for any passwords, to reply with any personal details, or to install any software directly from the email.

Another example of malware getting smarter is MacDownloader. It tricked users through fake Adobe flash updates. If you receive a message to update a plug-in or software that you use, it’s always best to avoid updating from the message and checking back on the official website. Luckily Apple does its best to stay up to date with all viruses and malware, but it’s always best to be wary.

Stay up to date

Probably the most important of all of these tips is to keep macOS up to date.

When installing a macOS update, most people are eagerly awaiting cosmetic changes and feature updates. If there’s no big changes, people may be inclined to hold off on an update.

But with each of update of macOS, new malware threats are added to the XProtect file. XProtect stores malware definitions to combat all malware known to Apple. Kind of like your antibodies against a virus. On top of updating XProtect files, the updates also patch any vulnerabilities within macOS. Make sure to keep your OS up to date to stay ahead in the fight against malware.

Third-party scans

While Apple has built in some great malware protection within Mac OS, it doesn’t hurt to get a second opinion. As we saw with the OSX/Dok trojan, it’s not impossible to trick Apple.

Fortunately, there are some great options available that are also completely free. Apps like Bitdefender and Malwarebytes can perform scans for malware and remove them whenever your worried about your Mac.

Hopefully these tips will help you avoid finding malware on your Mac. For more useful tips videos make sure to subscribe to the Cult of Mac YouTube channel.


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.