Suspicious” classification signifies that the application or software that is being downloaded and/or used has been classified by us as suspicious, questionable, undesired and/or unknown. It may suffer from a poor reputation, massive users complaints, or is likely to carry functions or behaviors that are not fully disclosed to, or consented by, the user. Our emphasis in this classification is mostly on ungenuine intent and reputation.

This includes questionable distribution tactics or sources, behaviors that un-genuinely force users to install programs, click buttons, call a phone number or take any other action designed to benefit the attacker, but not the user. In some cases, when we are in the process of analyzing a file based on a solid suspicion that it is malicious an Adware, Spyware or trickware, we will also classify it as “Suspicious” to signal our users to be extra cautious. Until we finish the analysis and are able to classify it more accurately.

Behavioral Examples

The following is a (non-exhaustive) list of some behavioral examples and symptoms of “how ‘Suspicious files’ are likely to behave when evading, or attempting to evade, your Mac system”.

  • Associated with Scareware, Adware or a Malware.
  • Users don’t know how it ended up on their machines.
  • A lack of real/actual functionality or application value.
  • Confusing or non-coherent to users, or changed functionality over time without user’s consent.
  • Any program interfering with OS’s or browser’s settings in a way that was not explicitly consented by the user.
  • A software or application that is lacking a publisher certificate (unknown source).
  • A software bundle that does not reveal in a clear and conspicuous manner about all the software offers that are included in the bundle.

Did you encounter any behavior that could fall under this category?
Feel free to submit the data for our examination.


Get Airo

Try Airo AV and Airo Web Protection

Free Trial