Uh, I thought I had been pretty careful keeping Cruft off of my Mac, but I started getting these scam notifications saying “You have been infected”. WTF!
Basic Hygiene: Look for SYSTEMALERT in Safari > Settings > Websites
I know exactly what happened, to get a great deal, I had to turn off my many protections to allow a referral link (I’ll do anything for a 27 points per dollar deal from Rakuten for 1Password, I confess, this is a 54% discount and they also give you a 28% first-year discount, so go for it)
But, what happened is pretty subtle, even though I have antivirus on, I was getting a leaker. Turns out this is in Safari notifications, you should look through Safari > Settings > Websites and see what is allowed to be posted. There are sites I don’t remember saying yes to and one was called “SYSTEMALERT”, but I presume some Javascript thing bypassed this. Sigh
What everyone should be running
And another reminder here is the minimum stuff that you should be running on your Mac:
- AVG Antivirus. I don’t remember why I picked this one but it is free and seems to work. It catches web scams too which is nice.
- MacOS Firewall. There are some basic protections here, so go to System Settings > Network > Firewall and make sure it is on.
- NordVPN and Threat Protection. I find that as a default I have to have both the basic firewall on and Threat Protection, just be aware that it can have this bug where the browsers no longer work, then you need to check your network connection and make sure it hasn’t overwritten the DNS settings.
- Ghostery on Safari. Ghostery is my go-to protection in the browser itself. It does a decent job of blocking things. I did a test and it seemed like it worked pretty well.
When websites don’t work
But of course, there are times when you have to turn things off, here are my times:
- Zoom or Google Meets. Routing through a VPN is usually not great, so I turn it off, but I leave on Threat protection and everything else.
- Cashback Monitor, Rakuten, and other referral sites. This is when things are dangerous because these sites use dodgy referral networks and I find that many times, they are blocked by the threat protection, so my advice is to turn them off and then turn them right on. And make sure to check your Safari website notifications and also run a virus scan too.