If you’re using a Mac, such as the new MacBook Air, you might have to be careful. A phishing attack that previously plagued Windows users has now made its way to macOS, and it’s easy to fall for it.
This was spotted by 9to5Mac. Researchers from LayerX have been tracking a well-known phishing attack that caused a lot of grief to those who were tricked by it. Previously, the main target of these hackers was Windows, but Microsoft was able to largely eliminate it — up to 90% of all attacks on Windows PCs are said to have been fixed thanks to new updates to Edge, Chrome, and Firefox that block scareware.
As the hackers were out of luck on Windows, they appear to have turned to macOS. Macs are often said to be safe from hackers, which means some users may let their guard down and be easier to target.
On Windows, the phishing attack imitated Microsoft security alerts. The idea was that the hackers wanted to steal the users’ security credentials. In the case of Apple, their goal is to steal Apple IDs, and to do this, they make it seem like the PC is compromised.
We’ve all seen similar pop-ups in the past, but this attack feels more legitimate because it also freezes the website that the victim is viewing. An unresponsive PC with a message saying that it’s been compromised is often enough for someone to give up their login credentials.
LayerX claims that macOS and Safari users are now the primary targets for this particular phishing campaign, and they claim that it’s a highly sophisticated attempt at a hack which may not stop here — it’s just the first attempt at adapting to the fixes rolled out on Windows.
Weird pop-ups that ask you to log in may look believable, but it’s important to stay vigilant. It’s worth warning friends and family members who are less plugged into the latest tech news. I know I’ll be warning my relatives who are using the Apple ecosystem. It’s unclear when, or if, Apple will be rolling out a security update to address this phishing attack.
