I'm assuming that you've been keeping up with the times, and you've already heard about how tens of thousands of normal websites getting hacked with SQL-injection, and search engines got IFRAME injections, right? (If not, well,
the government issued a warning about three weeks ago so please go read up.)
It's little surprise that these SQL-injection-hacked websites and the malicious IFRAMEs will attempt to pull "MMO (Lineage1&2/FFXI/WoW/etc.etc.) login data" from you, just like how the malicious IFRAME that was injected into somepage.com late last year did.
And in the world of JP websites, in this recent set of hacks a major free blog-space provider (FC2) was hacked, and tens of thousands of blogs, FFXI or otherwise, got IFRAME-injected.
What this means: a lot of people, just by normal websurfing, and by this I mean visiting websites that have
NOTHING to do with FFXI (or any other MMO for that matter) -- for example, reading USA Today online or even keeping your anti-virus happens to be made by TrendMicro and you were updating your virus data (and yes, both of them were victiom to SQL-injection at one point or another), people put themselves at risk for account-hacking without knowing it. And when these users get hacked, since they didn't know that the hacks were placed on ordinary websites, they instantly think, "It's got to be FFXIAH."
Now, on the other hand, there were a few
ads that had been compromised via IFRAME injection a couple weeks back -- the admins here at FFXIAH banned that ad about an hour after it showed up, but those that didn't have properly protected computers may have gotten compromised by using FFXIAH during that approximately-one-hour window.
All in all, the prevention methods haven't changed from when somepage.com got hacked:
-- best option: use PS2/PS3/X360 to play FF11 (or use different computers to play FF11 and websurf), and never use the linkshell community site (the latter I say because they have been having too many "technical difficulties" lately -- I'm starting to wonder that hackers are pulling info from there)
-- what you should be doing anyway part 1: keeping your OS, software you use, and all virus/firewall/spyware protection updated (and make sure to scan periodically)
-- what you should be doing anyway part 2: using a web browser that doesn't use the IE engine (Firefox/Opera/etc) and disabling JavaScript/IFRAME/ActiveX for the most part (Firefox users should already be using the NoScript plugin, for example)
-- what you probably should be doing for the time being: checking websites with services like aguse.net(aguse.jp) and Dr.Web before visiting, especially if you don't have JS/IFRAME disabled on your browser
-- what you can also do: invest in IP blockers like PeerGuardian2 and banning IPs that are known to host MMO trojans (or even a majority of cn/kr/tw domains)
So, if you're using FFXIAH only on a Mac, as long as you're not doing that Mac/Win dual boot thing that you can do with OSX and playing FFXI on the same Mac (which I think you aren't, esp. if you're at work!) you should be fine...