Attacks targeting Apple users rise sharply: Kaspersky
Phishing attacks targeting ‘i-users’ increased by 9% to reach 1.6 million in less than a year
The number of phishing attacks targeting users of Mac computers, iOS-based mobile devices, and the associated web services ecosystem to lure them into fraudulent schemes has reached 1.6 million in the first half of 2019, Kaspersky says in a new report.
This figure is around 9% greater than attacks experienced in the whole of 2018. The growing number of users of popular digital devices is clearly attracting more and more cybercriminals. This is one of key finding of Kaspersky’s Threats to Mac Users Report 2019.
While the volume of malicious software threatening users of macOS and the iOS mobile platform is much lower than that threating users of Windows and Android platforms, when it comes to phishing – a platform-agnostic cyber threat – things are quite different. As they rely on social engineering, most phishing attacks have nothing to do with software. As Kaspersky’s recent research showed, the number of cases where users faced fraudulent web pages utilizing the Apple brand as a decoy has increased significantly in the first six months of the year, reaching 1.6 million. This figure is 9% higher than during the whole of 2018, when Kaspersky security solutions prevented more than 1.49 million attempts to access Apple-themed phishing pages. The research is based on threat statistics voluntarily shared by users of Kaspersky Security Network – a global cloud infrastructure designed for immediate response to emerging cyber threats.
Among the most frequent fraud schemes are those designed to resemble the iCloud service interface and to steal credentials to Apple ID accounts. Links to such services usually come from spam emails which pose as emails from technical support. They often threaten to block user accounts should they not click the link.
Another widespread scheme is the use of scaremongering pages that try to convince the user that their computer is under serious security threat and it will only take a couple of clicks and a few dollars to solve those issues.
“While technically these fraud schemes are nothing new, we believe they pose an even greater danger to Apple users than similar schemes against users of other platforms – such as Windows or Android. That is because the ecosystem around Macs and other Apple devices is generally considered a far safer environment. Therefore users might be less cautious when they encounter fake websites. Meanwhile the successful theft of iCloud account credentials could lead to serious consequences – an iPhone or iPad could be remotely blocked or wiped by a malicious user, for example. We urge users of Apple devices to pay more attention to any emails they receive claiming to be from technical support, which request your details or ask you to visit a link,” said Tatyana Sidorina, security researcher at Kaspersky Lab.
In addition to a rise in phishing, the report also revealed other types of threats to users of macOS-based devices. The results have demonstrated some relatively positive tendencies: the most common threats for Mac users proved not to be critically dangerous malware, like banking Trojans, but instead AdWare threats, which are not-necessarily fatal and defined as ‘potentially unwanted programs’. Most are threatening users by overloading their devices with unrequested advertisements, yet some of these programs might, in fact, turn out to be a disguise for more serious threats.