The campaign previously targeted Windows users: According to LayerX researchers, the campaign has been seen targeting Mac users only in the last few months. Initially, it targeted Windows users by masquerading as Microsoft security alerts.Designed to steal user credentials, threat actors have apparently shifted focus to Mac users owing to new security features being rolled out by Microsoft, Chrome, and Firefox, researchers added.”Phishing attacks are evolving, and despite the fact that Macs are traditionally less susceptible to viruses, Mac users are no exception to many modern threats,” Darren Guccione, CEO and co-founder at Keeper Security told CSO. “Cybercriminals are opportunisticwhen one attack vector gets blocked, they pivot to the next.”This campaign demonstrates how quickly attackers adapt, leveraging trusted infrastructure and sophisticated deception to bypass traditional security measures, Guccione added. The researchers noted that the new Mac-targeted attacks required only minor adjustments to the hackers’ existing infrastructure, primarily involving text modifications and slight code changes to target macOS and Safari users.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3852569/new-phishing-campaign-uses-scareware-to-steal-apple-credentials.html
