Which security software should I install?

No!

None of the above.

Among those choices, the only differences are their respective degrees of utter worthlessness. "Anti-virus" developers that claim to protect macOS better than Apple's own engineers ought to be regarded with suspicion, if not outright derision.

Keep macOS updated and have a backup strategy. That's all you need to do.

For a more detailed explanation keep reading, if you so choose. It's been broken into several pieces due to a 5000 character limit.

Questions regarding the use of "anti-virus" or similarly categorized "Internet security" products frequently arise on this site. Many of them are from new Mac users whose previous computer experience was limited to traditionally virus-prone Windows PCs. Early Microsoft Windows versions were notoriously vulnerable to unauthorized modifications and malicious interference, which gave rise to a cottage industry of "anti-virus" software companies responding to a need for the operating system security Microsoft neglected to provide.

Apple and Microsoft's respective operating systems were originally conceived and developed completely separately, for use with completely different hardware, and their evolution has only diverged since their inception. In recent years Microsoft has made great strides in protecting its Windows operating system, but owing to macOS's original concept as a multi-user, multitasking operating system incorporating a fundamental requirement to keep users separate from one another, it was never as vulnerable to begin with. With each new release, macOS has only grown more secure from unauthorized tampering.

It's important to understand the nature of threats that exist today, and to appreciate the fact that "anti-virus" software peddlers have been reduced to abject panic as their traditional Windows PC market suffers its inevitable decline. The cottage industry described in the first paragraph has since grown to a multi-billion dollar behemoth with entrenched interests—an enormous beast that demands to be fed. The PC market's demise has led to a predictable response from them and shills who represent their interests, asserting that since Macs are rapidly growing in popularity, they have become just as vulnerable to "viruses" as PCs, implying an even greater need for the products they sell. It just isn't so.

What is true is that the growing base of Mac users are being increasingly targeted and exploited for scams that seek to defraud them of their hard-earned money. Criminals who seek to do that cannot succeed without your help. Don't give them the satisfaction.

The following describes simple principles that will serve to protect your Mac, and yourself, from the various threats that exist today. It's long, but if you read nothing else, read the first three numbered points and the Summary at the end. They are equally applicable to Macs, PCs, mobile devices or anything else that uses software to communicate with the world beyond it.

There will always be threats to your information security associated with using any Internet - connected communications tool:

1. You can mitigate those threats by following commonsense practices
2. Delegating that responsibility to software is an ineffective defense
3. Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in neglecting point #1 above.

macOS already includes everything it needs to protect itself from viruses and malware. Keep it that way with software updates from Apple.

None of the above. Only that which resides between your ears, and the built-in security mechanisms within macOS are necessary. Anything else, other than Malwarebytes for Mac (not anti-virus s/w), will introduce false triggers, attempt to remove valid parts of the operating system, or applications that it mistakenly believes are viruses, and interfere mightily with the operating system and other applications.

Installing anti-virus, and so-called Mac cleaner applications on your Mac is like going to your dentist and begging for multiple root canals.

None. Every bit of it is worthless.

There are no actual Mac viruses to catch, and none of them will stop you from choosing to install a Trojan. They're nothing but a waste of time, money and system resources.

Ahhhhh, such a scary thought to not install security software but this makes total sense. I'm going to bite the bullet and not install anything! I'm sure I'll get used to very quickly (and appreciate the performance boost).

That's the usual reaction from recovering Windows refugees. To them, it's like asking to jump without a parachute. Mac users never had a problem. If not for Windows' historic predilection for viruses (which even it no longer suffers from) we wouldn't be having this conversation.

Having established a multi-billion dollar business on Microsoft's vulnerabilities, "anti-virus" companies and their shills are the threat. Most of their products will destabilize your Mac, make it difficult to use, difficult to keep updated, slow it down, cause random crashes, harvest, upload and sell your personal information, take your money, or all the above. If that behavior doesn't characterize a "computer virus", what does?

Macs used to be a niche market. It wasn't until they became popular (after the introduction of the iPhone, and PCs began to fall out of favor) that the "anti-virus" establishment began to get concerned... and spread fear. Fear sells.

All of the items you mention are more toxic to your system the the

problems that they claim to solve. At best, they report lots of false

to make it look like they are doing something, usually just drag the

performance of you system down, and at worse will crash and

totally corrupt your system.

• Never install any product that claims to "clean up", "speed up", "optimize", "boost" or "accelerate" your Mac; to "wash" it, "tune" it, or to make it "shiny". Those claims are absurd.
  • Such products are very aggressively marketed. They are all scams.
  • They generally operate on the flawed premise that a Mac accumulates "junk" that needs to be routinely "cleaned out" for optimum performance.
  • Trial versions of those programs are successful because they provide the instant gratification of greater free disk space.
  • That increased space is the result of irreversible destruction of files, programs, or operating system components normally protected from inadvertent alteration or deletion. The eventual result will be unreliable operation, poor performance and random crashes that may not become evident for months or even years after their use, when updates to programs or macOS are eventually released.
  • Memory "cleaners" that circumvent macOS's memory management algorithms work by purging inactive memory contents to mass storage, which can only result in degraded performance and accelerated hardware failure.
• Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources.
  • Illegally obtained software is almost certain to contain malware.
  • "Questionable sources" include but are not limited to spontaneously appearing web pages or popups, download hosting sites such as C net dot com, Softonic dot com, Software dot com, Soft Pedia dot com, Download dot com, Mac Update dot com, or any other site whose revenue is primarily derived from junk product advertisements.
  • If you need to install software that isn't available from the Mac App Store, obtain it only from legitimate sources authorized by the software's developer.
  • Apple's Gatekeeper is a fundamental defense against inadvertently installing software that may be malicious or untrustworthy. Use it.
• Don't supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required:
  • Your Apple ID and its password are the keys to your digital kingdom. Safeguard both of them just as you would your wallet or purse.
• Don't open email attachments from email addresses that you do not recognize, or click links contained in an email:
  • Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
  • Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
  • Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple threatening to close your account unless you take immediate action, just ignore it. If your iCloud, iTunes, or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
  • A variant of the same scam takes the form of an emailed receipt for an iTunes Store or App Store purchase you did not make. The email will contain a link soliciting your Apple ID to confirm the alleged purchase. Both the link and the receipt are fraudulent.
• Don't install browser extensions unless you understand their purpose:
  • Go to the Safarimenu > Preferences... > Extensions. If you see any Extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  • No Safari Extensions are required for normal operation.
• Don't install Java or Flash unless you are certain that you need it:
  • Java, a non-Apple product, remains a potential vector for malware. If you are required to use Java, be mindful of that possibility.
  • Java can be disabled in System Preferences.
  • Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It's OK to leave it enabled.
  • The same precaution applies to Adobe Flash Player. Newly discovered Flash vulnerabilities occur almost weekly.
  • Flash Player's demise is as imminent as it is deserved. You can help accelerate that inevitable fate by not using it.

• Don't rely upon Internet search engines to obtain technical support phone numbers:
  • Scam artists pay popular Internet search companies in exchange for greater prominence in search results, so their websites and contact information are given precedence over the legitimate companies they fraudulently claim to represent.
  • If you require technical support, determine the company's legitimate contact information from their own website or product literature, and initiate contact with them directly.
  • Support for all Apple products is obtained by using the Contact Support link at the top of this web page.
  • If you receive an unsolicited phone call from someone attempting to convince you a problem exists with your Mac, PC, or mobile device, it's a scam. Hang up.
  • Legitimate organizations such as Apple and Microsoft do not initiate contact in that manner.
• Beware spontaneously appearing, unsolicited popups demanding immediate action. Think before you click.
  • Popup windows are useful and required for some websites, but unsolicited popups are commonly used to deceive people into installing unwanted softwarethey would never intentionally install.
  • Ad-blocking Safari Extensions can help, but none are completely effective, and all of them can cause unexpected behavior.
  • If you encounter a popup, text message, email, or phone call indicating that your Mac is infested with some ick or that you need to take immediate action lest dire circumstances ensue, it is 100% fraudulent. Ignore it. Read Avoid phishing emails, fake 'virus' alerts, phony support calls, and other scams.
  • If you find Safari has frozen or "locked up", leaving you unable to dismiss the page, read Phony "tech support" / "ransomware" popups and web pages for the solution.
  • Any spontaneously appearing dialog insisting that you upgrade your video player right this instant should be summarily ignored. Such popups are commonly associated with sites that promise to deliver "free" movies, music, or other copyrighted content that is not normally "free", but no website that hosts interest-based targeted advertising is completely immune from that threat.
• Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
  • The most serious threat to your data security is phishing. Most of these attempts are pathetic and are easily recognized, but that hasn't stopped prominent public figures from recently succumbing to this age-old scam.
  • macOS viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
  • Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don't want it any more.
  • If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
  • Most such utilities will only burden your Mac while they look for viruses that do not exist. They will degrade its performance and prevent it from working properly while conveying no benefit whatsoever — other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
• Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.

Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

Tons of great extra info from John.

Yes, it sounds scary. Especially for anyone coming from Windows to the Mac and presuming you need something. Here's more reading material that may help explain why AV software is useless.

The term malware is short for malicious software and refers to any type of software you don't want on your computer, of which a virus is one type of malware. I’ve read many articles where Mac security professionals point out Mac viruses, which when you read what they are, they’re all Trojans. These, um, "professionals" should turn in their credentials. You can't get something that has yet to exist on the Mac OS. A professional should never, ever, use the word "virus" as a catchall term.

A general description for each:

Virus - can infect other directly connected computers or drives by copying themselves to them without any user interaction necessary. These do not exist in the Mac OS. A virus needs direct sight of the next device or software it's trying to install, or attach itself to.

Trojan - software that requires the user to do something to get it installed. There's lots of these. Especially on illegal file sharing sites where you download cracked versions of expensive, commercial software. Virtually a guarantee that if you install such software, it will also install some of the nastiest malware with it. Such as a keylogger, or back door. Adware actually falls under this category since most of it installs with other software you download from legal sites such as softonic.com and downloads.com. It's annoying when it gets on your system, but at least it isn't dangerous - yet. Some of the ads generated by adware are outright fraudulent. Such as the plethora of scare tactic ads used by the makers of MacKeeper.

Trojans need to be willingly (or unwittingly) installed by the user. Often, you don't know you're installing one because it's bundled in with something else you do want installed. Either way, even though you've downloaded the Trojan, there's still nothing for the AV software to "see".

Now you install it. Still no reaction from the AV software. The Trojan is either now already active, or you run the app after installing it (because it's disguised as something else you thought you wanted). And still no reaction from the AV software. Isn't this what it's supposed to do?

No. Neither the OS or the AV software is going to stop you from using your computer as you see fit. Even if the AV software sees it (and eventually may), it will be a day late and a dollar short. The Trojan is already on your Mac and the AV software did nothing to stop its installation, or even warn you it had been installed.

Ransomware is out there, though the only two or three known variants ever found have been patched against. In reality, ransomware is simply another Trojan since you have to download, install and run it. It can't get on your Mac by itself.

The latest version of MalwareBytes for Mac has a function to try and halt ransomware. Like standard AV software, the full version runs in the background all the time. Except, it's not watching for viruses (except maybe to let you know a Windows virus came in with an email). It's mostly watching for an app that is suddenly trying to encrypt your files. MalwareBytes will then do its best to shut the app down. But as mentioned, what known ransomware there is has already been patched against at the OS level.

Worm - smarter than a virus. They can search out other computers across a network all on their own and attempt to infect the ones it finds. The only known (and now long dead) worm was Oompa-Loompa. Also known as Leap-A. It first had to be installed by a user as a Trojan. It then looked for other users to infect across a network who were in your Messages account. With Unix in the way, it couldn’t install itself on the remote computer and would cause an admin password box to appear on the targeted Mac. Deny access, and it couldn't do anything. The user had to be dumb enough to allow a process to continue without thinking about why an admin box appeared from out of nowhere in the first place. While there were likely at least a few more, the official reported instances of infection by Oompa-Loompa was a grand total of 50 Macs.

For now, and has been the case almost entirely through the Mac OS’ existence, defeating malware is to use your brain. All known malware out there right now are Trojans. You have to download and install it. Gatekeeper recognizes some apps and will stop them from running, also posting a warning to delete the app/installer. Anything else will blow right through no matter what AV software you're running, or how many. They are useless. They are designed to try and stop automatic processes, such as the thousands of such viruses in Windows. Trojans bypass all of this. You choose to manually run an installer or app. It doesn't matter where it came from. The OS and AV software can only do so much to protect you from yourself. When you choose to run an app, either can only sit back and say, "Well, okay. You're the boss." Either may detect a problem after the fact, but it is of course too late, then.

The only thing you can truly call a virus that still exists are Word and Excel macro viruses. And those are almost 100% Windows malware. That is, the macro can't do anything to harm a Mac since the payload only runs on Windows. And unless you've changed the default settings in Word or Excel, if you happen to get an infected document sent to you, the macro can't run until you allow it (either will warn you the document contains a macro and gives you the option to run or block it). They fall under the virus category because if you allow an infected macro to run, all macros are automatically stored in the Normal template. Good or bad. After that, every new document you create carries the macro virus since they all start from the default template.

At this time, all AV software is nothing more than a drain on system resources. If you’re thinking is to be preventative against new threats, that is also a waste of time. No system can stop the unknown. If you download and run a new, unknown threat, neither the OS or AV software will see a problem with it since it isn't recognized.

There are numerous topics on these forums alone that prove how pointless AV software is on a Mac. My favorite? The person had three different types of AV software installed and running. And yet, an EtreCheck report showed their Mac was loaded with adware and other garbage. Yeah, the AV software was working just great!

Reportedly, a virus that could affect the Mac OS has been created in research labs where they look for flaws in the OS, then report their findings to Apple and Microsoft so the OS can be patched before crooks find these same openings. No Mac OS virus has ever been seen in the wild. At least, not yet.