Q: A few weeks ago, I Googled a product I was interested in purchasing. One webpage had a list of companies with links. When I clicked on a link, I was taken to a webpage written in a foreign language. I hit “back” immediately and returned to the previous page. I don’t know if that webpage in the foreign language was about the company I was researching or something nefarious. I did not close out the browser but clicked on the link again and was taken to what looked to be a legit page — in English, with info about the company and its products. There were no links on the questionable looking page that I clicked on, and I don’t recall clicking on any links on the legit-looking page.
Afterward I did a basic Malwarebytes scan, and it came clean. However, since then I’ve avoided doing anything financial such as checking my accounts, etc. I haven’t noticed my Mac acting weird or odd webpages popping up. My hunch says the computer is likely OK, but I’d still appreciate your input as I’ve never had this happen before on other product searches.
Lastly, which malware/spyware program would you recommend for a Mac desktop? Mine is operating on High Sierra, version 10.13.6.
— Andy Taggart, Seattle
A: Well, going on hunches, too, I would say there is no foolproof way of detecting the presence of malware. You’ve done the right thing by not clicking on anything on that suspect site and by immediately running a malware scan. But antimalware and antivirus programs are always playing catchup with new malware types. And yes, you can inadvertently acquire malware simply by visiting a webpage.
My hunch is like yours. Your computer is probably free of malware. But because there’s no way to be certain, I recommend that if you haven’t already configured your sensitive accounts with two-factor authentication that you do so now. With two-factor authentication after you log in the site will require you to confirm its you — generally via a code sent to your phone or generated by an authentication app — before you can access the site. Some sites are also beginning to offer verification via biometrics, such as a fingerprint.
I haven’t done a review in recent years of antivirus/antimalware programs, so I can’t recommend one. But I can share that I use Malwarebytes. And, of course, you can find recent reviews on the internet.
Q: I’m searching for a good authentication app and looking for recommendations. I appreciate whatever guidance you can offer.
— Ric Thorning
A: Good move. Authentication apps differ in terms of how easy they are to use, the information they require from you, whether and where they offer to back up your authentication credentials, and a few other factors. Best of all, they are all free.
One thing to keep in mind: I just upgraded my smartphone, and the manufacturer’s app did a great job of transferring all my apps, including my authentication apps, and data to the new phone. But I soon found out those transfers didn’t include the actual authentications in the authentication apps. As a result, I’m having to go to each site where I use 2FA and figure out a way to reconfigure it. In most cases — if you haven’t saved offered hard-copy recovery codes or can’t remember where you put them — that means a tedious process of contacting the site, proving who you are and resetting the account so you can access it and reconfigure 2FA.