How to Shore up your Mac’s security
1 Disable file sharing
It can be useful to be able to share files, printers, screens, and other features while at home, but you should disable them in System Preferences’ Sharing pane when using your MacBook on other networks.
2 Encrypt the disk
Encrypting your Mac’s storage prevents anyone else from accessing its contents. Go to System Preferences > Security & Privacy > FileVault and click “Turn on FileVault” – your Mac is then encrypted even as you use it.
3 Safari extensions
There are great extensions for Safari, but some risky places on the internet to download them from. Stick with Apple’s curated collection for safety: in Apple’s web browser, choose Safari > Safari Extensions.
4 Fraud warnings
Safari is able to warn you about unsafe websites before you even go to them. Again with Safari in the foreground, go to Safari > Preferences > Security and check the “Warn when visiting a fraudulent website” setting.
5 Avoid “safe” files
Safari can automatically open supposedly safe files after downloading them, which is convenient for you but also for malware. In Safari’s General preferences, clear the checkbox next to the corresponding option here.
6 Avoid Java
Java has been reported to have been used by malware authors for years. Only install it if absolutely required. See apple.co/2hMBdgF regarding the browser plugin, and
bit.ly/2rqgP99 for uninstallation steps.
7 Email attachments
Malware can be distributed through email attachments – and this isn’t just used to target Windows PCs. Do not open or download files from emails unless you know they are from a trusted source and safe.
8 Where to get apps
The Mac App Store is the safest place to get Mac software, as Apple vets what’s featured. If you must get an app from elsewhere, use its developer’s published checksum to verify the file is unaltered – see bit.ly/2rVu1q3.
9 Avoid links in email
Phishing tries to trick you into revealing details of your Apple ID, bank, PayPal, and other accounts. Treat emails asking for login details with suspicion and don’t click links; If in doubt, go to a site’s address manually.