There’s seemingly always a new online scam to worry about. This time, LayerX Labs discovered that a phishing campaign that had been targeting Windows users for several months has now been remade for Mac computers. The ultimate goal of this phishing campaign was to steal user credentials by deceiving people into thinking that these scam notifications were, in fact, Microsoft security alerts.
After deceiving several Windows users, Microsoft, Chrome, Firefox, and other companies eventually rolled out security updates to prevent these attacks from happening. Now, the hackers have shifted their focus to Mac users.
LayerX Labs says these hackers wait for people to misspell website names to try to steal their credentials. Once they misspell a website, the page quickly redirects them through multiple sites before landing on the phishing attack page.
The phishing attack in question featured three critical modifications to the website:
- The page layout is now different to appear legitimate to Mac users.
- There are code adjustments to target macOS and Safari users by “leveraging HTTP OS and user agent parameters.”
- They maintain the illusion of legitimacy by continuing to use Windows[.]net infrastructure.
LayerX Labs says this is one of the most sophisticated phishing campaigns on the Mac to date.
“While phishing campaigns targeting Mac users have existed before, they have rarely reached this level of sophistication,” they wrote. “Based on the longevity, complexity, and sophistication displayed by the actors behind this attack campaign thus far, we suspect that this is just a first response by them, as they adapt their attacks to new defenses.”
The researchers believe this is only the first wave of this kind of phishing campaign against Mac users. In the coming weeks and months, we might see a “resurgent wave of attacks based on this infrastructure as it probes and tests for weak spots in Micrtosoft’s new defenses.”
To keep yourself safe, always make sure to double-check site addresses, and don’t share your credentials without being certain that you’re on the correct page.
The post A Windows phishing campaign made its way to Mac – here’s how to protect your data appeared first on BGR.
