Here’s a new scam to watch for. A client reported running across a suspicious website masquerading as a human verification test. Instead of asking him to click pictures or solve a math equation, this one asked him to copy some text from the page and paste it into Terminal. The text was actually an encoded script that — if pasted into Terminal and executed — would have downloaded and installed malware designed to steal user data. Infected users could lose their login password, browser history and cookies, cryptocurrency wallet information, keychain data, Notes data, and a wide variety of personal files. The moral of the story: never paste unsolicited commands into Terminal. They may seem innocuous or even unintelligible, but they’re fully capable apps that can wreak havoc on your Mac.
(Featured image by iStock.com/stevanovicigor)