Avoiding infections on your Mac machine is easy if you follow a few tips:

1.) Enable Automatic Updates for anything that processes untrusted data.

Namely, the Operating System, Anti-malware, browsers and Flash Player.  It's critical that you're getting updates for the products fast and often.

Attackers are very sophisticated, and can exploit unpatched programs from a few days to a few weeks. Enabling automatic security updates will save you time and effort, while keeping your system safe.  The inconvenience of the occasional functional problem pales in comparison to what you might experience if some malware gets to your machine.

2.) Don't click links on websites or emails

Especially if they point to updates. Also, make sure that you always download installers directly from the App Store or vendor of the corresponding program.

Allow yourself to be skeptical, because it's quite easy to make legitimate-looking notifications. Don't follow links or pop-up notifications as a general rule of thumb.

When having automatic updates enabled and something tells you that you need to update it, it is highly likely that it's fake.  Wherever possible, just download applications from your operating system's App Store.

When you are unsure whether you need an update, open a new window and search for the specific product.  Make sure you're going to the developer's website and not to some random download site.  Download any software directly from the vendor and install it.

3.) Steer clear of suspicious sites

Nothing is free. If you're not paying, you're the product. When it's Facebook, they're selling your information. When it's something else, such as control over your computer.  Nobody is compromising your machine for fun. They're getting paid.

4.) [Optional] Use two-factor authentication, get a password manager, rotate all of your passwords[/size]

On a daily basis we receive news about data breaches, like the recent Amazon Privacy Incident reported before Black Friday, last week. Unique passwords limits the damage done by any individual breach.

So, you need a unique password for each site that you use, and wherever possible, you should also enable two-factor authentication. Two factor authentication is your friend. It will ensure that even if a hacker has your password, they also need control of your phone or secondary authentication hardware/software, in order to do anything with it. You want this enabled.

It's not uncommon for malware to install keystroke loggers to capture valuable information like log-in credentials, so you have to stay safe. Don't use credentials from any machine that you can't trust with 100% confidence.  If your other machines have been compromised or keep getting compromised, limit your use of anything important to the one machine you do trust, until you can work through everything and get it all back to a trustworthy state.

5.) [Optional] Use a browser with Flash Player Built-In

Adobe Flash is heavily used for exploits. Rigorous exploit kits have been packed is JavaScript files and other obfuscation methods, ready to be triggered by a few clicks or site visits. If you have a Flash Player that is not updated, many vulnerabilities exist that could allow hackers to access your machine or insert malware.

Having a Browser with Flash Player as a built-in component will help you in that regard. The Google Chrome browser for instance, includes that component. There's nothing separate to install or maintain, thus you can ignore any pop-ups or messages telling you that you "need to install / update Flash". For example, a Fake Flash Player for Mac notification is going around the Web, for the past month that claims that Flash is "out of date". Do NOT trust any such statements.

Manually typing a site's URL and checking the URL's and its redirects can ensure that you are going directly to the vendor of an application to get legitimate updates (if there are any).



This is an open discussion and if anybody has tips to add, is more than welcome to do so.

Best Regards,
Execute