Viruses, even these furry ones, have never been a big threat to Mac users. But guess what--we’re still vulnerable to phishing, Trojans, and other attacks.

At some point, every Mac owner needs to have the talk…about online security. Your Mac will probably never get a virus. But instead of ending the conversation, that’s only the beginning. Peter James, global spokesperson for Intego, a Mac security software developer, says, “Ask anyone in the security industry--and this is Mac or PC--they’re going to tell you that there are hardly any viruses anymore. Viruses aren’t the threat.”

These Giant Plush Microbes ($7.99, thinkgeek.com) are 1,000,000x reproductions of mange, common cold, rabies, and ulcer. Awwww!

Instead, organized criminals use other methods to try to seize private data and control your Mac. Phishing schemes trick you with an email that might look like it came from Facebook, your bank, or any other personal site. If you enter your password or credit card info, you’re sending it directly to the bad guys. A sneakier threat, Trojans disguise themselves as something you might want, such as an MP3, a QuickTime plug-in, or any other software, and if you install one, you’ve unwittingly handed over full access to your Mac. Last but not least, operating system and application vulnerabilities can also be exploited--like when certain websites crash your browser (or sometimes worse) when you visit them.

All of the security experts we contacted for this article agreed that PCs have it worse, facing tens of thousands of threats. If you’re running Windows via Boot Camp or in a virtual machine such as Parallels Desktop or VMware Fusion, you should absolutely install security software in that environment. However, many online dangers can snare Mac users too. Ultimately, you’ll have to decide if adding security software is worthwhile because with that protection comes a few minor hassles: cost, potential false positives, and the security software taking some of your processor’s attention.

Security researcher Charlie Miller, principal analyst for cybersecurity consultancy Independent Security Evaluators, says, “It’s not that OS X is more robust or secure or anything like that. It’s just that the bad guys haven’t bothered to write malware for it.” For now, Miller runs security software on his Windows PCs but not on his Macs. He says that savvy Mac users can avoid phishing and Trojans with good habits, but not everyone should follow his example of foregoing software protection. “I make sure I’m careful, but not everyone is a trained computer security person.”

What about you? Do you know when to be concerned with your Mac asking for your password? (You have a password on your user account, right?) Do you scrutinize commerce URLs to be sure they’re legitimate and encrypted? Do you delete all emails asking you to log in to an online account from a provided link? Pass those tests every time, and you’ll probably be safe without additional software.

But would your spouse, parent, sibling, or others be as adept? After all, phishing works. For a lot of people, “If the computer says to do something, they don’t know not to do it,” says Mike Romo, Symantec’s Mac product manager. Even Mac experts might rather relax a little and let the security software take point. If so, Mac users can choose between many commercial security packages from Intego (intego.com), Symantec (symantec.com), Kaspersky (kaspersky.com), and others. ClamXav (clamxav.com) will scan your system for viruses, particularly in email attachments or web downloads, for free. McAfee (mcafee.com) will be launching a Mac utility later this year.

If you take the plunge, it’s important to pick a tool that goes beyond virus scanning. Mac OS X includes a firewall, but add-on software can do more, such as blocking problematic outgoing traffic in addition to incoming connections. Anti-phishing tools are built into many browsers, including Safari and Firefox. Again, add-on software can do more, including updating its list of dangerous sites more quickly or clearly identifying safe sites. Many of these utility packages are named “antivirus” because it’s an established buzzword, but they’ll still include additional features like backing up your data.

If you pass on security software today, you’ll most likely need it someday. “The Mac installed base continues to grow,” says David Klenske, director of consumer product marketing for McAfee. “People will be creating [more Mac-specific] malware as the market grows.”

Uh…great?

Next page: Seven Expert Tips for Staying Secure >>