In an Apple support document the company says it intends to release a security update to address the potential threat from malware claiming to offer a security application for download.
The malware, called MacDefender, MacProtector or MacSecurity offers to fix a claimed security breach when a user is redirected from one legitimate website to a fake one. Once a user provides their credit card information to pay for their new security software, the rest is history.
A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender "anti-virus" software to solve the issue.
This “anti-virus” software is malware (i.e. malicious software). Its ultimate goal is to get the user’s credit card information which may be used for fraudulent purposes.
Apple’s support document goes on to say the Cupertino outfit is working on a patch that will automatically detect and remove the malware as well as its known variants, but until then it’s down to the individual users to be on the lookout and, if infected, to remove the thread themselves.
In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.
Be vigilant folks, and don’t offer your credit card details to anything even remotely suspicious.