Published 12:41 IST, September 30th 2019
Apple users beware of phishing attacks, targets increase by 9 per cent
The number of phishing attacks Apple devices including iPhones and Mac computers saw a massive uptick and touched 1.6 million, Kaspersky research shows
According to a cybersecurity firm Kaspersky, the number of phishing attacks targetting Apple users is on the rise. The number of phishing attacks Apple devices including iPhones and Mac computers, saw a massive uptick and touched 1.6 million in the first half of 2019 alone, the report revealed. As researchers explain, phishing attacks were performed on Apple devices and services including iPhone, Mac and associated web services ecosystem, intending to lure users into fraudulent schemes. Researchers believe the rapid increase in terms of more number of users coming to popular digital services is what attracting cybercriminals.
Key findings
-- The number of phishing attacks so far in 2019 is around 9 per cent greater than attacks experienced in the whole of 2018.
-- Unlike phishing, the volume of malicious software threatening macOS and iOS users is much lower than those threating users of Windows and Android platforms.
-- Most phishing attacks had nothing to do with software as attackers relied primarily on social engineering.
-- The number of cases of fake web pages using Apple branding to lure users into fraudulent schemes has increased significantly in the first half of 2019, reaching 1.6 million.
-- The 1.6 million figure is nine per cent higher than the total number of phishing attacks encountered in 2018.
-- 39.95 per cent of phishing attacks were aimed at stealing users’ financial data
-- Brazil tops the list of several attacks on Mac users at 30.9 per cent. India follows with 22.1 per cent and France with 22 per cent.
-- The variations of the Shlayer family malware succeeded in distribution by disguising itself as Adobe Flash Player updates.
Phishing methodology
As researchers explain, among the most frequent fraud schemes were those designed to resemble the iCloud service interface. This way, hackers could steal credentials Apple ID account credentials of compromised users. Links to such false services usually come from spam emails which pose as emails from technical support. They often threaten to block user accounts should they not click the link. Another scheme is the use of scaremongering pages trying to convince the user that their computer is under some severe security threat and it will only take a couple of clicks and a few dollars to fix the problems.
"While technically these fraud schemes are nothing new, we believe they pose an even greater danger to Apple users than similar schemes against users of other platforms – such as Windows or Android. That is because the ecosystem around Macs and other Apple devices is generally considered a far safer environment. Therefore users might be less cautious when they encounter fake websites," said Tatyana Sidorina, a security researcher at Kaspersky Lab.
Safety tips
-- Apple users are advised to pay attention to emails claiming to be from technical support requesting account details or asking users to visit a link.
-- Keep macOS and all of your system apps and third-party programs up to date.
-- Only use legitimate software and download software from official sources or Mac App Store.
Updated 12:58 IST, September 30th 2019