

First OS X fake installer malware spotted - derpenxyne
http://thenextweb.com/apple/2012/12/11/first-os-x-fake-installer-malware-spotted-as-sms-scams-are-ported-from-windows-and-android-to-mac/

======
rcush
The author of the article highlights one reason why users might be unlikely to
fall for this scam - the act of entering a phone number would arouse suspicion
- but in just a couple of minutes I have thought of several others:

\- A significant proportion of basic-functionality applications in OS X do not
require installation. Therefore one that does may appear unusual for the user.

\- Many applications for OS X are being delivered by the Mac App Store. As
time goes on, presumably the type of user that would be likely to fall for
such a scam would look in the App Store for it first.

\- The user of the application may have used it previously and therefore would
know this was not a normal installation experience.

\- If the application is freeware, the user may be aware of this and thus
suspicious of the activation. If the application is paid, it seems likely that
the malware would have been attained in an attempt to pirate the application.
Giving credit where it's due, someone who has the technical ability (by way of
understanding search and keywords, possibly torrents etc) to pirate would be
unlikely to fall for such an elementary scam.

\- If users are attempting to find an application through a search engine, it
seems unlikely that such an unscrupulous site as those distributing malware-
ridden applications would command a high search ranking.

I have used some broad generalisations, but these factors when taken in the
round should serve to minimise the impact of such a development by scammers.
Nonetheless, it's very sad to see OS X becoming more of a target for these
sorts of activities, even if as yet, the makers haven't been successful in
making viruses that operate without user permission.

