Checksums are a useful way to verify that the file you’ve downloaded is the exact version that the website intended to be downloaded, ensuring that it hasn’t been modified or tampered with somewhere along the way.
Once you’ve determined your file’s checksum, you’ll need to compare it to the one provided by the website from which you downloaded it, so before you begin you should also make sure that the host website has indeed provided this information.
Firstly, open your Terminal by searching for it in the Launchpad. Once open, type in “md5” followed by the directory location of your file. For instance, we’re going to check the “installgoogledrive.dmg” file which is located in the downloads folder, hence the path will look like this:
“/Users/hdomanski/Downloads/installgoogledrive.dmg”. Alternatively (and much more easily) you can simply drag the file into the Terminal window and it will automatically paste the directory path.
Next, hit ‘Enter’ to run the command. You’ll see a string of letters and numbers following the ‘equals’ sign — this is the checksum for your file.
You can compare this to the checksum provided by the website and, if they match perfectly, then you have downloaded the exact file that the website intended to be downloaded and be assured that it is safe to use. Source: techradar