Mac Malware/poisoned images
Two detailed articles that go into greater depth of the malware attacking Mac users.
http://www.securelist.com/en/blog/6211/Rogueware_campaign_targeting_Mac_users
If your new to the party:
Mac targeted trojans are making their rounds mostly by poisoned images from Google.
The exploit depends upon Javascript, you can choose to turn it off in Safari preferences, however large portions of the web don't display or operate correctly without Javascript running.
A easier preventative option would be to use Firefox and the NoScript Add-on, use Firefox toobar customization to drag a NoScript button to the toolbar.
NoScript turns off all scripts and plug-ins by default, which you enable on a per site, per need, per visit type basis by clicking the NoScript button.
Firefox also has a pop-up window with a opt out before the downloads occurs, another safety step.
If you have click happy types types, it's advised to install the Public Fox ad-on as well, set a password on the broswer downloads.
If you have the trojan web page on your Mac's screen, simply use Apple Menu > Force Quit to quit the browser.
If you've downloaded but not run the installer, delete it immediatly from your downloads folder.
If you've installed the trojan and gave it your admin password, you need to backup your files to a external drive and c boot off the installer disk and Disk Utility > Erase with Zero your whole boot drive and reinstall OS X fresh, re-install all programs from original sources, scan your files with a AV software and then return them to your computer.
If you gave the AV software your credit card information, you need to call the credit card company and cancel the charge and freeze it. Assume your identity has been stolen and take appropriate action to defend your identity.
http://www.ftc.gov/bcp/edu/microsites/idtheft/
Some other advice:
Use only low amount debit/credit cards online with amounts your willing to risk losing.
Do not enable overdraft protection with these on line type cards.
Maintain the bulk of your funds in more secure, no user electronic access accounts (keep the blame for loss entirely on the bank)
Beware that banks and credit card companies like to increase your credit/debit card limits without notice.
If you lose a considerable amount of funds through a electronic means in your control, like a ATM, credit card, debit card or on line banking, expect a very long and tiresome legal battle to hopefully regain those funds and prove fault.
(note: I receive no compensation from mentioning these sites/article or their solutions, etc)
MacBook Pro, Mac OS X (10.6.7), 17" Quad XP, Vista, 7, Linux(s)
