Use Safari on your Mac? Make sure you change the default settings

SafariMac malware is making big headlines, with numerous reports of users being affected.

The latest attacks don’t even need you to enter a username or password to install their fake anti-virus attacks onto your Mac.

With more variants of the malware appearing all the time, we’ve clearly reached a tipping point – and it wouldn’t be a surprise to see more cybercriminals trying to take advantage of the many Mac users who haven’t properly protected themselves with anti-virus software.

Aside from anti-virus software (and, by the way, you can’t claim money is a reason why you haven’t protected your Macs, as we offer a free anti-virus for Mac home users), there are some other steps you can take which might reduce your exposure to attack.

Sign up to our free newsletter.
Security news, advice, and tips.

One step, for instance, that every Mac users should consider is changing the default settings in Apple’s Safari browser.

Apple made a poor decision when setting the defaults for Safari, allowing so-called “safe” files to be automatically opened after downloading. This can obviously be exploited by malware attacks, such as the fake anti-virus campaigns that we have been seeing recently.

Safari for Mac preferences

So, make sure that “Open ‘safe’ files after downloading” is un-checked on your Macs.

Of course, even when turned off it’s still possible to manually open malicious programs that have been downloaded to your Mac, but disabling this feature would seem a sensible step for most Mac users at this stage.

Hopefully Apple will reconsider the default settings in a future version of Safari.

Just to be clear, making this settings change is no substitute for running anti-virus software on your Mac. But you knew that, right?

DownloadFree Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.