A new warning has emerged for Apple users as they become prime targets for a password attack that has previously affected Windows systems. The attack, which involves scareware tactics, is designed to steal Apple account credentials by creating a fake security alert.
Scareware tactics targeting Apple users
The report from LayerX indicates that the recent threats targeting Macs illustrate how online phishing attacks evolve in response to improved security measures. This new campaign uses a deceptive screen freeze to prompt users to enter their Apple ID and password, heightening vulnerability among Mac users as security tools strengthen defenses against similar threats in other environments.
Historically, such attacks on Windows prompted users to submit their Windows username and password, where malicious code would simulate a system lock. Attackers have adopted similar techniques for Mac users, as they have registered numerous domains to capture mistyped URLs.
To avoid detection, attackers have taken several calculated steps. LayerX notes that phishing pages were hosted on Microsoft’s Windows.net platform, lending an air of legitimacy by presenting fake security warnings that appeared to come from Microsoft. In addition, the attackers utilized revolving sub-domains; even when a page was flagged for malicious content, it could be quickly replaced by another URL with a clean reputation.
Mac Pro’s future looks bleak—blame the M3 Ultra
LayerX has also reported that they identified anti-bot and CAPTCHA code on these phishing pages aimed at tricking automated web crawlers and delaying the recognition of the pages as malicious.
Following the implementation of browser protections, LayerX observed a significant 90% decrease in attacks targeting Windows users. The expectation remains that similar protective measures could reduce threats for Apple users as well, although confirmation is pending.
While the current focus is on Apple users, LayerX warns that Windows users should also remain vigilant. A resurgence of attacks is anticipated as attackers probe for weaknesses in Microsoft’s updated defenses. This ongoing situation serves as a reminder of the persistent nature of phishing and web attacks.
Featured image credit: Giorgio Trovato/Unsplash
