Mac users increasingly at risk from phishing attacks

News by Mark Mayne

Phishing gangs are increasingly targeting Apple users, with a significant spike in attacks in 2019 over last year

Attacks on Apple users have jumped nine per cent in 2019, up to 1.6 million in the first half of 2019, compared to more than 1.49 million in the whole of 2018, according to the latest research figures. 

The total number of phishing attacks targeting Mac computers in the first half of 2019 was almost six million, compared to just  7.3 million in the whole of 2018, said Kaspersky’s Threats to Mac Users Report 2019. 

Although the volume of malware designed specifically to target Macs is much lower than that for Windows, the researchers point out that phishing attacks, being platform agnostic, pose a greater threat to Mac and iOS users, who may be less cautious than their Windows user peers. 

Of the six million Mac attacks, 39.95 per cent of them were aimed at stealing users’ financial data, a rise of 10 per cent. The most active malware family was dubbed ‘Shlayer’, which tricks users into installing it by disguising itself as Adobe Flash Player updates.

"With so much attention being placed on the cyber-security threats that are associated with Windows, it has created a false sense of security when it comes to Apple devices. Misconceptions surrounding the immunity of i-devices have made people less guarded and therefore far more susceptible to becoming victims of attacks of this type. As a result, we have continued to see a steady growth in this trend and a year-on-year rise in the volume of these attacks," summarised David Emm, principal security researcher at Kaspersky, speaking to SC Media UK. 

"The successful theft of iCloud account credentials could lead to serious consequences – an iPhone or iPad could be remotely blocked or wiped by a malicious user, for example. We urge users of Apple devices to pay more attention to any emails they receive claiming to be from technical support, which request your details or ask you to visit a link," commented Tatyana Sidorina, security researcher at Kaspersky, in a statement

User overconfidence could easily be a problem, said Corin Imai, senior security advisor at DomainTools.

"Mac's are typically viewed more secure because they're targeted less frequently, and Apple's Gatekeeper helps keep unallowed applications from installing. Also, Macintosh natively supports sandboxing, which limits the amount of information applications can access on a machine. The sense of security that many iOS users share is what phishers are leveraging: the more potential victims trust the brand that a message impersonates, the more likely they will be to click on a malicious link," Imai told SC Media UK.

The superior security of Macintosh over Windows depends on several factors, Imai said. 

"It depends on the version of Windows, patch levels of the OS, and several other factors. The Kaspersky report highlights how prevention and security awareness are essential for any effective IT security strategy, regardless of the ecosystem. Edging on the side of caution when it comes to opening attachments, clicking on links, downloading applications and running software updates is good advice for users of any operating system."

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews