The criminals behind a phishing attack aimed at Windows users are now targeting Mac users instead. The goal is to steal your Apple Account credentials (aka Apple ID).
The security researchers who uncovered the scam say that it’s one of the most sophisticated attacks ever mounted against Mac users …
Security researchers monitoring a long-running phishing attack against Window users found that Mac users are now the primary target after Microsoft introduced new security measures.
For the past few months, LayerX has been monitoring a sophisticated phishing campaign that initially targeted Windows users by masquerading as Microsoft security alerts. The campaign’s goal was to steal user credentials by employing deceptive tactics that made victims believe their computers were compromised.
Now, with new security features rolled out by Microsoft, Chrome, and Firefox, the attackers have shifted their focus to Mac users.
The core method of the attack is nothing new: a website popup window masquerading as a security alert. But what enables this particular attack to fool so many people is that it uses malicious code to cause the webpage you are viewing to freeze. That lends credibility to the popup claim that the computer has been locked.
LayerX says that the sophistication of the setup made it hard to block. For example, the Windows version was hosted on a genuine Microsoft server.
The phishing pages were hosted on Microsoft’s Windows.net platform (an open platform by Microsoft for hosting Azure applications). In the context of the attack, this made the messages appear legitimate, since they were security warnings (supposedly) by Microsoft, coming from a page on a windows[.]net domain.
However, Microsoft last month introduced an anti-scareware feature in its Edge browser, with similar protections implemented in Chrome and Firefox. That stopped 90% of the attacks on Windows PCs, so the attackers turned their focus to Macs running Safari.
They changed both the appearance and wording of the popup to look legitimate to Mac users.
Within 2 weeks of Microsoft rolling out the new anti-phishing defenses, LayerX begun observing attacks against Mac users, who – apparently – were not covered by these new defenses […]
Mac and Safari users are now prime targets. While phishing campaigns targeting Mac users have existed before, they have rarely reached this level of sophistication.
While it’s not likely 9to5Mac readers would be fooled, freezing the underlying webpage makes it pretty convincing to less tech-savvy Mac owners, so you may want to share this with family and friends.
Highlighted accessories
Via Macworld. Photo by Alex Bachor on Unsplash.
FTC: We use income earning auto affiliate links. More.
