The individuals orchestrating a phishing scam that previously targeted Windows users have now shifted their focus to Mac users. Their objective is to acquire your Apple Account credentials, also known as your Apple ID.
Security experts who discovered this scheme state that it ranks among the most elaborate attacks ever launched against Mac users …
Researchers tracking a prolonged phishing initiative aimed at Windows users have indicated that Mac users have become the new primary targets following the introduction of enhanced security protocols by Microsoft.
For several months, LayerX has kept tabs on a crafty phishing campaign that initially impersonated Microsoft security alerts to exploit Windows users. The campaign’s intent was to siphon off user credentials by using misleading tactics that instilled a sense of urgency in victims, convincing them that their computers were compromised.
With new security upgrades introduced by Microsoft, Chrome, and Firefox, the attackers have redirected their efforts towards Mac users.
The fundamental approach of the attack isn’t revolutionary: a web popup disguised as a security alert. However, what makes this attack particularly effective is its use of malicious code that causes the current webpage to freeze, lending authenticity to the popup’s claim that the device has been locked.
LayerX notes that the complexity of this scheme made it challenging to counteract. For instance, the Windows version was hosted on a legitimate Microsoft server.
The phishing websites were hosted on Microsoft’s Windows.net platform (an open service provided by Microsoft for hosting Azure applications). In the context of this scheme, this arrangement made the alerts appear credible, because they purported to be security warnings from Microsoft and were served from a windows[.]net domain.
Nevertheless, Microsoft recently rolled out an anti-scareware feature in its Edge browser, akin to features introduced in Chrome and Firefox. This effectively thwarted 90% of the attacks on Windows PCs, prompting the cybercriminals to redirect their schemes toward Mac users on Safari.
They revised both the look and text of the popup to appear genuine to Mac users.
Within just two weeks following the rollout of new anti-phishing measures by Microsoft, LayerX began noticing attacks targeting Mac users, who – apparently – were not protected by these new defenses […]
Mac and Safari users are now prime targets. Although phishing attempts aimed at Mac users have existed before, they have rarely achieved this degree of sophistication.
While it is unlikely that DMN readers would be easily deceived, the method of freezing the underlying webpage makes this tactic quite convincing for less tech-savvy Mac users, so consider sharing this information with family and friends.
Source: Macworld. Photo credit to Alex Bachor on Unsplash.