User profile for user: Peter-2001SO
Peter-2001SO Author
User level: Level 1
6 points

How can I prevent my iMac to get hacked again?

my bank account has been hacked, hackers logged into my account somehow getting around two-factor authentication, changed the phone number of an e-transfer listing to their own (or a temporary number) and sent themselves money. The back fraud department tells me I need to change my password which I did, but also to wipe out my computer... and reload.


Do I really need to do this or just use a online sweep program to remove any spyware or install a security program... I have read best protection is Apple iOS, kept up to date, and reboot computer at least weekly... which I do... so why did this not protect me?

What is best course of action to remove the possible malware or spyware, or whatever these criminals did?



[Re-Titled by Moderator]


Posted on Nov 29, 2023 10:35 AM

Reply

Similar questions

4 replies
User profile for user: a brody
a brody
User level: Level 10
85,382 points

Nov 29, 2023 11:09 AM in response to Peter-2001SO

MacOS runs on Macs, iOS runs on iPhones and iPads.


It is possible that you downloaded some errant program that anti-virus program is not able to detect. This is why the bank recommends wiping your computer.


Google Chrome is very succeptable to policy hacks.


chrome://policy is a link you can copy into Chrome if you use it to see if a .xyz or similar website has replaced the true policy. If it has, there are scripts that are known to fix that issue:

how to remove weknow.ac virus - Apple Community


TrendMicro has excellent page on removing all redirect extensions and plugins:

https://cleanerone.trendmicro.com/blog/how-to-remove-browser-hijackers-redirect-virus-on-mac/

I do not recommend buying an anyivirus tool.


Malwarebytes and Avast both have a free mode that can cleanly remove all other possible hacks.


if you save your password with any web browser, and have had a hack, it is time to completely change your password not save it with the browser.


If you have a utility such as 1Password for storing passwords, and you have been hacked after installing such a utility all those passwords may be compromised.


If after doing such a cleanup, your bank is still not satisfied, ask them to show you what evidence they have that you are still hacked. If it is some errant email, people spoof emails all the time. Mass email lists are great harvesting points for spoofed emails, and typically any virus on an errant user can copy emails from mass email lists. My recommendation if you get involved in a mass email list, demand that everyone use BCC, and not the To field or CC field to show the email addresses in the clear. This will avoid those email harvesters.


Lastly Mac OS does not require optimizers, and frequently these optimizers get installed because the popups their publishers send as scare tactics see my tip here about removing them if you find they are installed:


Amended comments to MacKeeper tip - Apple Community


Reply
User profile for user: a brody
a brody
User level: Level 10
85,382 points

Nov 29, 2023 11:34 AM in response to Ronasara

Don't install anything like GoTo Assist, Teamviewer, Anydesk, Connectwise, Kaseya tools that offer remote access to your Mac. Do not enable screen sharing on the Sharing system preferences, unless you have full trust of the screen sharing source. If you get popups saying you were hacked, the best thing to do is NOT call the phone number on the popup, and instead force the popup to quit with command-option-escape and selecting the browsers to quit like Chrome, Safari, and Firefox. Once quit, you reopen the web browser, and hold the shift key when you reopen the web browser. This gives you an option to open a blank page, the home page, or last page opened. Never open the last page opened. Clear your web browser cache and history (temporary files) from the preference pages of your web browser to ensure that bad page does not load again.

Reply
User profile for user: Ronasara
Ronasara
User level: Level 6
15,565 points

Nov 29, 2023 11:06 AM in response to Peter-2001SO

Here are some thoughts to consider.

  • I don't think that you need to wipe your computer's hard drive. I would check in the Applications folder to see if there are any apps that don't belong there - like one that allows for another computer to access yours, which is likely what caused this. Do you recall anytime recently when someone had you authorize their access to your computer?
  • The very best security is the use of many different passwords. Passwords which are at least 8 characters and which are complex. Are you doing this? It is the passwords which protect you. Passwords are used for your web sites, Wi-Fi access and modem access.
  • I keep an Excel spreadsheet witch lists each web site, the ID I use and its password. I print it out for quick reference. It is a page and a half. It is also password protected to open it.
  • Every day when I startup my computer, I visit the two web sites for banks I use and I check my checking account and the credit cards I use for any suspicious activity. It only takes about two minutes to do.

Remember, no one can access your computer unless you allow them to do so. If you do the things I have suggested above, you will seriously enhance your protection against experiencing another such event.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

How can I prevent my iMac to get hacked again?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up