People who write viruses want them to propagate, so they target common and susceptible operating systems, programs and hardware systems. Well, years ago Apple's market share was a fraction of that of Window's based machines, so there were simply a lot more security holes to exploit on a person per person basis. Since about 2007 with Apple's introduction of Intel-based Macs, the Apple market share has increased dramatically.
As you can read in this CNET article from a few years ago, not only are the most common cyber-attacks achieved through Social Engineering, but the exploits are usually directed via Applications, and most commonly web browsers like Internet Explorer, Safari, Chrome, etc, and they are OS agnostic.
Both PC and Mac computers allow the user to install arbitrary applications and browser plugins or extensions and these applications, plugins and extensions (usually FREE and often purporting the offer access to unethical content like pirated material, discount codes and pornography) end up at best creating annoying pop-ups and/or slowing down the computer, and at worst sending our private information to tech-savvy pirates half way around the world.
Some professional virus writers steal application credentials to sell or publish along with "warez", or commercial applications that have been "cracked". These are often used as bait to entice users to click through advertisement-filled web networks, which are again full of dubious invitations which also introduce viruses. There is malware designed to access Paypal or other ebanking accounts and transfer funds to pirates. Some malware will redirect browsers to pay-to-view websites. For an overview of types of virus writers, here's a quick read from a computer shop in San Diego.
Cyber Security journalist Brian Krebs breaks down types of malware attacks into the following eight categories:
- Web Server
- Spam Zombie
- Email Attacks
- Account Credentials
- Virtual Goods
- Financial Credentials
- Reputation Hacking
- Hostage Attacks
Each of the above categories is sub-categorized in this 2012 article aptly titled, The Scrap Value of a Hacked PC. My mom's Macbook Air got attacked by some Ransomware a year ago. That's a subcategory of Hostage Attacks in which you are informed that your computer has been infected by a virus, and shares a phone number through which you can pay (in this case about $150) to have them walk you through removing it.
In this case it was an actual virus that had purported to be an application that would "clean my Mac", but sometimes these ransomware attacks are simply contained within a web page that will frighten users into thinking there is a virus installed when there isn't even one on the system.
If you do end up with malware on your Mac, don't blame yourself. It probably is your fault, but it happens to everyone eventually. If you really want to dig into the issue yourself, you're likely to find hints about the virus' source in the `~/Library/Preferences` and `/Library/Application Support` directories and by checking the Activity Monitor (Applications>Utilities>Activity Monitor.app). But we're pretty affordable if you're inclined toward other adventures.
Either way, feel free to give us a call so we can at least make a recommendation on today's best Mac/Apple/OS X antivirus and security applications and approaches. Remember to be patient, take a deep breath before clicking "yes", "download", etc and consider reading the whole message. Pensacola, we're here for ya before and after the infection so don't be a stranger.