European Union Flag
European Apple Users Information & Support
LOGIN
RSS Feed Icon
via fetchrss.com
The next event is:
CES 2018

On 9 January 2018
More events…

macOS 10.13 High Sierra
FREE
Amazon UK Mac Software Affiliate Link
I love Quidco

Mac Security Article #6 - Networking/Internet/Online Shopping

Article ID = 86
Article Title = Mac Security Article #6 - Networking/Internet/Online Shopping
Article Author(s) = Graham Needham (BH)
Article Created On = 11th July 2012
Article Last Updated = 17th November 2017
Article URL = http://www.macstrategy.com/article.php?86

Article Brief Description:
Recommendations for staying secure when using a network/the internet/online shopping.

Networking/Internet/Online Shopping Security

This article has the following sections:
  1. Mac Networking
  2. Wireless / Wi-Fi Networking
  3. Browsing The Web
  4. Online Shopping
  5. Web Technologies To Be Aware Of
  6. Internet Plug-Ins and Video Codecs
  7. Email
  8. Instant Messaging
  9. Virtual Private Network (VPN)
It is number six in a series of MacStrategy security articles.

Mac Networking

We recommend the following:
  1. Where possible turn off (untick) and do not use any of the macOS sharing features (Apple menu > System Preferences > Sharing):
    • DVD or CD Sharing
    • Screen sharing
    • File Sharing
    • Printer Sharing/li>
    • Scanner Sharing
    • Web Sharing
    • Remote Login
    • Remote Management
    • Remote Apple Events
    • Xgrid Sharing
    • Internet Sharing
    • Bluetooth Sharing
  2. Turn on and configure the macOS Firewall (Apple menu > System Preferences > Security > Firewall tab)
  3. Turn off iTunes sharing (iTunes Preferences > Sharing tab > untick "Share my library on my local network")
  4. Turn off iTunes Home Sharing
  5. Turn off iPhoto sharing (iPhoto Preferences > Sharing tab > untick "Share my photos")
  6. Turn off Photos sharing (Photos Preferences > iCloud > untick features not needed)
  7. Where possible only connect your Mac to the local network using a physical ethernet cable
  8. Turn off unused networking services - in Mac OS X 10.5 or later go to Apple menu > System Preferences > Network > select the service on the left that you don't use and click the "-" button in the bottom left e.g.
    • Wi-Fi
    • FireWire
    • Bluetooth DUN
    • Internal Modem
    • IrDA

Wireless / Wi-Fi Networking

If you don't use wireless / Wi-Fi Networking turn off Wi-Fi - either:
  • go to Apple menu > System Preferences > Network > select Wi-Fi on the left and click the "Turn Wi-Fi Off" button on the right (this also helps with battery life)
  • or, in Mac OS X 10.5 or later go to Apple menu > System Preferences > Network > select Wi-Fi on the left and click the "-" button in the bottom left
If you are going to use wireless / Wi-Fi networking you should only use the following security protocols:
  • WPA-2 (WPA2-PSK with AES encryption)
  • WPA-2 (Enterprise)
  • RADIUS
See also, our Recommendations For Setting Up A Home Wireless/Wi-Fi Network article.
Do not use the following security protocols as they are all broken:
  • WEP
  • WPA-1 (TKIP)
  • WPA-1/WPA-2 mixed mode
If you are using wireless / Wi-Fi networking on a free/public Wi-Fi network you are highly recommended to use a Virtual Private Network (VPN) service because without one your network traffic, logins, user names and password could easily be stolen.

Browsing The Web

Follow our recommendations listed here:
If the browser supports it use its Do Not Track feature.

Recommended Web Browsers

If you are not running the latest versions of macOS please also see our article on running an older operating system.
Q. What are the current, supported versions of macOS / OS X?
A. macOS 10.13 (High Sierra), macOS 10.12 (Sierra) and OS X 10.11 (El Capitan) are supported by Apple.
Q. How can I tell which version of macOS / OS X / Mac OS X I am running?
A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.
Web Browsers For The Current Versions Of macOS
  • Apple Safari (included with macOS)
  • Google Chrome
  • Chromium
  • Mozilla Firefox
  • iCab
  • Omniweb (does not have an Apple signed developer certificate)
  • Opera
  • Seamonkey (does not have an Apple signed developer certificate)
  • Maxthon Buy it now on the iOS App Store [USA only]
  • Yandex
  • Brave
  • Vivaldi
  • tenFOUR Fox (for older PowerPC based computers)
  • Citrio - no updates since 2015
  • Camino - development discontinued on 31/05/2013
  • Sunrise - no updates since 2012
  • Stainless - no updates since 2011
  • Microsoft Internet Explorer - no longer supported on/updated for Apple Macintosh computers
The following browsers are highly recommended for use due to their regular updates and focus on security: The following browsers are not recommended for use due to the security reasons given below:
  • iCab - poor security features
  • Omniweb - awkward plug-in handling
  • Yandex - cannot configure JavaScript and poor plug-in preference handling
  • Vivaldi - cannot configure JavaScript

Web Browser Security Options/Settings

Click on the browser name to see its security options/settings:
Apple Safari
  • Go to Safari menu > Preferences… > General tab > UNTICK 'Open "safe" files after downloading'
  • Go to Safari menu > Preferences… > Security tab > TICK "Warn when visiting a fraudulent website"
  • Go to Safari menu > Preferences… > Security tab > TICK "Block pop-up windows"
  • Go to Safari menu > Preferences… > Privacy tab > configure cookies and location services as required
  • Go to Safari menu > Preferences… > Extensions tab > switch "OFF" or configure as required
  • Go to Safari menu > Preferences… > Advanced tab > for 'Smart Search Field:' TICK "Show full website address"
Google Chrome
  • Go to Chrome menu > Preferences… > click "Advanced ↓" > configure the settings under 'Privacy and Security' as required e.g. switch ON "Protect you and your device from dangerous sites"
Chromium
  • Go to Chromium menu > Preferences… > click "Advanced ↓" > configure the settings under 'Privacy and Security' as required e.g. switch ON "Protect you and your device from dangerous sites"
Mozilla Firefox v57 or later
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Permissions' heading > set Location, Camera, Microphone and Notifications settings as required
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Permissions' heading > TICK "Block pop-up windows"
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Permissions' heading > TICK "Warn you when web sites try to install add-ons"
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Permissions' heading > TICK "Prevent accessibility services from accessing your browser" if accessibility services are not needed (browser restsart required)
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Security' heading > set 'When a server requests your personal certificate' to "Ask you every time"
  • Go to Firefox menu > Preferences… > click Privacy & Security on the left > under the 'Security' heading > TICK "Query OCSP responder servers to confirm the current validity of certificates"
Mozilla Firefox v56.0.2 or earlier
  • Go to Firefox menu > Preferences… > Content > TICK "Block popup windows"
  • Go to Firefox menu > Preferences… > Security > TICK "Warn you when sites try to install add-ons"
  • Go to Firefox menu > Preferences… > Security > TICK "Block dangerous and deceptive content" with both "Block dangerous downloads" and "Warn you about unwanted and uncommon software" TICKED
iCab
  • Go to iCab menu > Preferences… > Security icon > set 'International Domain Names (IDN)' to "Show IDNs with secure letters and from the list"
Omniweb
  • Go to Omniweb menu > Preferences… > Download icon > UNTICK 'Open files in "safe" applications'
  • Go to Omniweb menu > Preferences… > Ad Blocking icon > select "Always" from the 'Block pop-up windows' pop-up menu
Opera
  • Go to Opera menu > Preferences… > TICK "Show advanced settings" in the bottom left > select "Privacy and security" on the left > configure the settings as required e.g. TICK "Protect me from malicious sties" under the 'Privacy' heading
Seamonkey
  • Go to Seamonkey menu > Preferences… > select 'Privacy & Security' on the left > TICK "Block reported attack sites (malware, viruses)"
  • Go to Seamonkey menu > Preferences… > select 'Privacy & Security' on the left > TICK "Block reported web forgeries (phishing)"
  • Go to Seamonkey menu > Preferences… > under 'Privacy & Security' on the left select "Popup windows" > TICK "Block unrequested popup windows"
Maxthon
  • TO BE CONFIRMED
Yandex
  • Go to Yandex menu > Preferences > Settings tab > click "Show advanced settings" > go to "Network" heading > TICK "Secure your network connection when connecting to public Wi-Fi networks"
  • Go to Yandex menu > Preferences > Settings tab > click "Show advanced settings" > go to "Network" heading > TICK "Use a DNS server with DNSCrypt encryption"
  • Go to Yandex menu > Preferences > Protect tab > TICK "Enable protection from malicious websites and programs"
  • Go to Yandex menu > Preferences > Protect tab > TICK "Enable phishing protection"
  • Go to Yandex menu > Preferences > Protect tab > TICK "Protect bank cards from phishing"
  • Go to Yandex menu > Preferences > Protect tab > TICK "Open online banking and payment system pages in Protected mode"
Brave
  • Go to Brave menu > Preferences… > select 'Shields' on the left > set 'Ad Control' to "Block Ads"
  • Go to Brave menu > Preferences… > select 'Shields' on the left > switch ON "HTTPS Everywhere"
  • Go to Brave menu > Preferences… > select 'Shields' on the left > switch ON "Block Phishing/Malware"
Vivaldi
  • Go to Brave menu > Preferences… > select 'Privacy' on the left > Third Party Services > TICK "Google Phishing and Malware Protection"
tenFOUR Fox
  • Go to TenFourFox menu > Preferences… > Content tab > TICK "Block popup windows"
  • Go to TenFourFox menu > Preferences… > Security tab > TICK "Warn me when sites try to install add-ons"
  • Go to TenFourFox menu > Preferences… > Security tab > TICK "Block reported attack sites"
  • Go to TenFourFox menu > Preferences… > Security tab > TICK "Block reported web forgeries"
  • Go to TenFourFox menu > Preferences… > Advanced tab > Encryption tab > TICK "Use SSL 3.0" and TICK "Use TLS 1.0"

Secure Web Sites (HTTPS)

Whenever you are transferring personal information especially financial transactions make sure your web browser is connected securely to the web site in question. If it isn't don't enter personal/financial details.
How To Tell if Your Web Browser Is Connected Securely
  • Apple Safari - URL text (to the left) coloured green + closed/locked padlock icon to the left of the URL area
  • Google Chrome - URL text to the left coloured green + closed/locked padlock icon to the left of the URL area
  • Chromium - URL text to the left coloured green + closed/locked padlock icon to the left of the URL area
  • Mozilla Firefox - URL text to the left coloured green + closed/locked padlock icon to the left of the URL area
  • iCab - background colour of URL area turns green
  • Omniweb - closed/locked padlock icon in the bottom right of the window
  • Opera - URL text to the left coloured green + closed/locked padlock icon to the left of the URL area
  • Seamonkey - background colour of URL area turns yellow
  • Maxthon - TO BE CONFIRMED
  • Yandex - URL text to the left coloured green + closed/locked padlock icon to the right of the URL area
  • Brave - closed/locked padlock icon to the left of the URL area
  • Vivaldi - URL text to the left coloured green + background area to the left coloured green + closed/locked padlock icon to the left of the URL area
  • tenFOUR Fox - address to the left coloured (green or blue)
NOTE: If you get a warning that a security "certificate" is not right or out of date do not use the web site! - if you need to use the site urgently contact them (preferably by phone) to let them know there is a problem with their security certificate.

Online Shopping (from the UK)

Follow these recommendations from official UK government web sites:
  • Only use a recommended web browser.
  • Set your browser's security settings
  • Keep your web browser up-to-date.
  • Be careful when you give your credit or debit card details on the Internet - make sure the connection is secure.
  • The trader must give their name and a geographical address, not just a PO Box number, and not just their e-mail address. They must also fully describe the goods for sale and orders must be confirmed in writing (usually via email).
  • As with any other type of purchase, shop around for the best deals and prices. In most cases, you are entitled to a seven working day cancellation period where you can change your mind (the Distance Selling Regulations), but this usually does not apply to 'auction' sites. You should always read the terms and conditions carefully before buying.
  • Watch out for high postage rates and for other hidden costs, such as VAT and other duty payable, particularly if goods are being sent from abroad.
  • Try to get personal recommendations for companies you have not done business with before. Alternatively, you can get help and advice from specialist organisations, such as Trust UK. Trust UK is an organisation endorsed by the UK government which enables consumers to buy online with confidence.
  • Remember, goods being sent from abroad may take some time to be delivered. Check with the trader how long this will take, and set a delivery date that you must have them by, if that is important. Where no delivery date has been agreed, delivery must be within thirty days. Goods and services ordered from UK and European Countries will be covered by the Distance Selling Regulations.
  • Check what the company's policy is on returning goods that you don't like or have changed your mind about, and find out who pays for the return postage. If they have come from abroad, you may be faced with a hefty postage bill to return them. Refunds must be made within thirty days.
  • On the subject of buying from abroad, remember that if you have problems such as faulty goods or non-delivery, it might be very difficult to get your complaint dealt with. Although your contract will probably be covered by UK law - allowing you to sue in your local court - getting money out of a company based abroad may be impractical. If possible, pay by credit card as this may give you additional protection in some circumstances.
  • For that reason, be wary of buying very expensive items from companies outside the UK or Europe unless you know them well - that way, if things do go wrong, you limit the risk.
  • Most importantly, print out the order, and keep any terms and conditions that appear on the web site, just in case of any disputes or problems later on.

Web Technologies To Be Aware Of

JavaScript

JavaScript (not to be confused with Java) is a scripting language that can automate tasks for your web browser, you or more importantly for the web site you are visiting. However, it is very powerful and it has the power to be very malicious. Unfortunately lots of web sites require it to be turned on. It is possible to turn this technology off but some web sites may not work properly if you do:
Controlling JavaScript In Your Web Browsers
  • Apple Safari - open Safari > go to Safari menu > Preferences… > Security tab > for 'Web content:' tick/untick "Enable JavaScript"
  • Google Chrome - open Google Chrome > go to Chrome menu > Preferences… > click "Advanced ↓"" > click "Content settings" under the 'Privacy and security' heading > click 'JavaScript' > configure as required
  • Chromium - open Chromium > go to Chromium menu > Preferences… > click "Advanced ↓"" > click "Content settings" under the 'Privacy and security' heading > click 'JavaScript' > configure as required
  • Mozilla Firefox - can only be configured/switched off manually
  • iCab - open iCab > go to iCab menu > Preferences… > JavaScript icon > tick/untick "Enable JavaScript"
  • Omniweb - open Omniweb > go to Omniweb menu > Preferences… > Security icon > tick/untick "Enable JavaScript"
  • Opera - open Opera > go to Opera menu > Preferences… > select "Websites" on the left > under the 'JavaScript' heading tick/untick "Allow all sites to run JavaScript (recommended)"
  • Seamonkey - open Seamonkey > go to Seamonkey menu > Preferences… > select "Scripts & Plugins" on the left under the 'Advanced' heading > tick/untick "Enable JavaScript for" 'Browser'
  • Maxthon - TO BE CONFIRMED
  • Yandex - cannot be configured
  • Brave - open Brave > go to Brave menu > Preferences… > select 'Shields' on the left > switch ON "Block Scripts (will break many sites)"
  • Vivaldi - cannot be configured
  • tenFOUR Fox - open TenFourFox > go to TenFourFox menu > Preferences… > Security tab > tick/untick "Enable JavaScript"

Java

Java (not to be confused with JavaScript) is a programming language which can run software on your computer directly in your browser simply by visiting a web site. It has recently been targeted for attack on the Mac platform. Once a Java "applet" is running it is extremely powerful and it has the power to be very malicious. Thankfully lots of web sites don't use it and it is possible to turn this technology off:

Java Security for Mac Users > How To Disable/Secure Java

Java RE v6 and earlier are end of life and are no longer supported/updated. If you are running Mac OS X 10.6 or earlier you are recommended to disable Java and read up on securing older operating systems.
Q. How can I tell which version of macOS / OS X / Mac OS X I am running?
A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.
Securing/Disabling Java RE in OS X 10.7 or later
  1. Go to Apple menu > System Preferences > Java > (the Java Control Panel will open separately) > Security tab
    • If the Java preference pane does not exist you do not have Java RE v7 or later installed. Go to the disabling Java RE v6 instructions below.
    • If you have a Java preference pane and the Java Control Panel opens separately go to the "Security" tab in the control panel. If there is no Security tab you have an old version of Java RE v7 installed - update Java RE v7 first, then come back to these instructions.
  2. Set the 'Security Level' slider to "Very High".
  3. If you don't use Java untick "Enable Java content in the Browser".
  4. If you do use Java click "Advanced Security Settings" and configure as required for your Java usage.
  5. Now go to the 'Update' tab and tick "Check for Updates Automatically".
  6. Now go to the 'General' tab, click "Settings…" under 'Temporary Internet Files' and untick "Keep temporary files on my computer" and click "Delete Files…". Click "OK".
  7. You are now also recommended to switch off Java in your web browsers.
Disabling Java RE v6 in OS X 10.7 or later
  1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
  2. NOTE: If you get a message stating 'To open "Java Preferences," you need a Java SE 6 runtime. Would you like to install one now?' click "Not Now" (you do not have Java RE v6 installed - go to disabling the Java plug-in in your web browsers).
  3. Make sure no Java versions are ticked under "On".
  4. Then go to the 'Network' tab and untick "Keep temporary files for fast access" and click "Delete Files…". Click "OK".
  5. You are now also recommended to switch off Java in your web browsers.
NOTE: If you need Java and have installed Java Update 2012-006 or later from Apple you will have no Java Preferences in Applications > Utilities or a Java plug-in so you are recommended to install Java RE v7 to give you the most up to date Java RE, a Java plug-in and a Java Preferences pane in System Preferences.
Disabling Java RE v5/v6 in Mac OS X 10.5 or 10.6
NOTE: Java will not work at all including locally installed applications that may require it.
  1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
  2. Make sure no Java versions are ticked under "On".
  3. Then go to the 'Network' tab and untick "Keep temporary files for fast access" and click "Delete Files…". Click "OK".
  4. You are now also recommended to switch off Java in your web browsers.
Disabling Java RE in Mac OS X 10.4 or earlier
You cannot switch off Java in Mac OS X 10.4 or earlier and there is no Java Preferences so make sure you delete any (Java plug-ins and also switch off Java in your web browsers.

Disabling the Java plug-in In Your Web Browsers

NOTE: Java applets will not work in your web browser but locally installed Java applications may still work (see disabling the Java RE for your OS).
NOTE: You need to disable the Java plug-in for each and every web browser that you use/have installed.
  • Apple Safari - open Safari > go to Safari menu > Preferences… > Security tab > click "Plug-in Settings…" > untick "Java" in the list on the left
  • Apple Safari 5.1.9 (for Mac OS X 10.6) / 6.0.4 (for OS X 10.7/10.8) or later - open Safari > go to Safari menu > Preferences… > Security tab > untick "Allow Java" or you can tick it to enable it and you now have control of the Java plug-in for individual websites by clicking the "Manage Website Settings…" button
  • Google Chrome - Java is not supported (because NPAPI plug-ins are not supported)
  • Chromium - Java is not supported (because NPAPI plug-ins are not supported)
  • Mozilla Firefox - Java is not supported (because NPAPI plug-ins are not supported)
  • iCab - open iCab > go to iCab menu > Preferences… > Java icon > untick "Execute Java applets"
  • Omniweb - open Omniweb > go to Omniweb menu > Preferences… > Security icon > untick "Enable Java"
  • Opera - Java 7 or later is not supported - plug-ins cannot be disabled
  • Seamonkey - open Seamonkey > go to Seamonkey menu > Preferences… > select "Scripts & Plugins" on the left under the 'Advanced' heading > untick "Enable Plugins for Suite"
  • Maxthon - TO BE CONFIRMED
  • Yandex - Java is not supported (because NPAPI plug-ins are not supported)
  • Brave - Java is not supported (because NPAPI plug-ins are not supported)
  • Vivaldi - Java is not supported (because NPAPI plug-ins are not supported)
  • tenFOUR Fox - Java is not supported (because plug-ins are not supported)
REMOVING THE JAVA PLUG-IN FROM YOUR OS
NOTE: Java applets will not work in your web browser and they never will until you reinstall Java. Only follow these instructions if you will never use Java on the internet. If you are unsure simply switch off Java in all your web browsers.
  1. Go to Macintosh HD > Library > Internet Plug-Ins folder and remove/delete any of following items if they are present:
    • JavaAppletPlugin.plugin (alias/shortcut)
    • JavaAppletPlugin.plugin
    • JavaPluginCocoa.bundle
  2. Go to Macintosh HD > Users > your home directory > Library > Internet Plug-Ins folder too and remove/delete any of the above items if they are present.
NOTE: If there are multiple users on your computer you should remove the plug-in from each user account's Library.
NOTE: If you have OS X 10.7 or later your user Library folder is hidden. It can be accessed by going to the Go menu > Library while holding down the alt (option) key.

Internet Plug-Ins / Video Codecs

There are many internet plug-ins/video codecs available with some of the most popular being:
  • Adobe Flash
  • Adobe Shockwave
  • Adobe PDF viewer
  • Perian - Discontinued in 2012
  • Flip4Mac WMV components
  • iPhoto Photocast
  • Microsoft Silverlight
  • Microsoft Sharepoint
  • Microsoft Office Live
  • Apple QuickTime (part of the macOS operating system) - as of 10th December 2015 the QuickTime internet plug-in is no longer supported/updated. The latest security updates for OS X 10.9 or later should automatically disable the plugin. If you are running OS X 10.8 or earlier or you want to manually disable the plug-in go to Macintosh HD > Library > Internet Plug-Ins and disable/move/delete "nsIQTScriptablePlugin.xpt" and "QuickTime Plugin.plugin"
  • Real Player
  • Java - see our separate article on Java
However they are a very common attack vector/huge security risk so: You can also check most plug-in versions using the Mozilla plug-in check web site:
We can check your plugins and stuff
Controlling Plug-Ins In Your Web Browsers
  • Apple Safari - open Safari > go to Safari menu > Preferences… > Security tab > tick/untick "Allow Plug-ins" or click "Plug-in settings…" and configure accordingly
  • Google Chrome - [only the Flash plug-in is supported] open Google Chrome > go to Chrome menu > Preferences… > click "Advanced ↓"" > click "Content settings" under the 'Privacy and security' heading > click 'Flash' > configure as required
  • Google Chrome - [only the Flash plug-in is supported] open Chromium > go to Chromium menu > Preferences… > click "Advanced ↓"" > click "Content settings" under the 'Privacy and security' heading > click 'Flash' > configure as required
  • Mozilla Firefox - open Firefox > go to Tools menu > Add-ons > click "Plugins" on the left > configure plug-ins listed on the right as required
  • iCab - open iCab > go to iCab menu > Preferences… > Plug-ins icon > tick/untick "Use Plug-ins for embedded data (Flash, Quicktime, …)" or configure listed plug-ins as required
  • Omniweb - open Omniweb > go to Omniweb menu > Preferences… > Plug-ins icon > tick/untick plug-ins as required
  • Opera - [only the Flash plug-in is supported] open Opera > go to Opera menu > Preferences… > select "Websites" on the left > under the 'Flash' configure as required
  • Seamonkey - open Seamonkey > go to Seamonkey menu > Preferences… > select "Scripts & Plugins" on the left under the 'Advanced' heading > tick/untick "Enable Plugins for" 'Suite'
  • Maxthon - TO BE CONFIRMED
  • Yandex - can only be configured/switched off manually
  • Brave - [only the Flash plug-in is supported] open Brave > go to Brave menu > Preferences… > select 'Plugins' on the left > switch ON/OFF "Enable Adobe Flash Support"
  • Vivaldi - [only the Flash plug-in is supported] open Vivaldi > go to Vivaldi menu > Preferences… > select 'Webpages' on the left > configure Flash accordingly under the "Flash Plugin" heading
  • tenFOUR Fox - plug-ins are not supported

Email

Email is a direct attack vector so should always be used with caution especially when receiving emails from unknown senders or emails with attachments.
Spam
Consider using a spam blocker in your email client: Some email clients include Anti-Spam filtering:
  • Apple Mail - go to Mail menu > Preferences > Junk Mail
  • Microsoft Entourage for Mac - go to Tools menu > Junk E-Mail Protection…
  • Microsoft Outlook for Mac - go to Tools menu > Junk E-Mail Protection/Preferences…
  • Mozilla Thunderbird - go to Thunderbird menu > Preferences > Security > Junk tab
NOTE: Some email servers/providers offer spam filtering at the server level before it even reaches your inbox/email client software.
Confidential Information
Don't send confidential information e.g. personal or financial information via email unless you are using encrypted (SSL) email. Email is normally sent between your computer and the email server using clear text which means it can be intercepted and used (against you).
Don't send confidential information e.g. personal or financial information via attachments unless you encrypt the files first.
Attachments and links in emails
See our separate article on Malware, Social Engineering and Scams.

Instant Messaging

Instant messaging software such as iChat/Messages, AIM, Yahoo Messenger, MSN/Microsoft Messenger and Skype are common attack vectors. Make sure you are running the most up to date version of the software and be very wary of clicking on accepting messages from unknown users, clicking on any links or pictures in the message window.
NOTE: As of 6th July 2017 Skype requires OS X 10.9 Mavericks or later.
NOTE: AIM discontinued on 17th December 2017
NOTE: MSN/Microsoft Messenger shut down October 2014

Virtual Private Network (VPN)

Virtual Private Networks are a way of connecting directly to a computer or network of your choice securely. You set up a VPN server on the computer or network and then create a VPN connection on your computer to that computer or network. They can also be used when connecting to the internet via a free/public/unsecured wireless / Wi-Fi network. You can pay for a VPN service but note that these services only protect your network traffic from your computer to their server (wherever it is located) and after that the network traffic may be insecure - however, this is usually better than nothing/not using such a service on a free/public/unsecured wireless / Wi-Fi network!
VPN Servers
Some high end hardware routers/ADSL modems e.g. DrayTek feature VPN servers otherwise software based VPN servers are available:
VPN Clients
macOS has powerful VPN client functionality built-in. Otherwise third parties offer their own VPN client solutions:
VPN Services
Ideal when using a free/public/unsecured wireless / Wi-Fi network: --> Below is a small list of VPN providers - they are listed as is with no specific recommendation or ranking: If you want a more complete list along with dedicated information to enable you to make a choice/decision on which VPN provider to use we recommend consulting the That One Privacy Guy's VPN Comparison Chart. There's also thebestvpn.com comparison which primarily relies on upload/download speeds plus logging policy.

Article Keywords: Macintosh Mac OS X OSX macOS Security

This article is © MacStrategy » a trading name of Burning Helix. Apple, the Apple logo, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.


If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.

Go to this
web page
to donate to us.