It started on Windows and has now arrived on the Mac.
Cybercriminals are using a deceptive tactic to make Mac users believe their system has frozen, prompting them to enter their Apple ID credentials.
Security researchers at LayerX Labs have uncovered a deceptive phishing attack that initially targeted Windows users but has now shifted its focus to Macs. This scheme tricks users into believing their device is compromised, urging them to enter their Apple ID credentials.
The attack begins with fraudulent security alerts popping up during web browsing, warning that the Mac is “compromised” and “locked.” To heighten the sense of urgency, the webpage appears frozen, reinforcing the illusion of a critical failure. A fake prompt then requests the user’s Mac username and password, along with a phone number for supposed “support.”
LayerX Labs provided a screenshot of the scam in action, revealing several telltale signs that expose the deception. The design doesn’t conform to Apple’s style, and even the name “macOS” is incorrectly formatted, small details that hint at foul play. Meanwhile, a phone number listed for “assistance” led Macworld investigators to an unavailable automated message, proving it’s a fake line with no real support.
The scam often ensnares users through innocent typos, mistyped URLs directing them to compromised domain parking pages that host the phishing attack. Initially, cybercriminals focused on Windows users, but enhanced security measures by Microsoft, Google, and Mozilla effectively blocked the attack. Now, the fraudsters have turned their sights on Mac users.
How to Stay Safe from Web Phishing Scams:
Protecting yourself from phishing attacks starts with awareness and a few simple precautions.
Cybercriminals are using a deceptive tactic to make Mac users believe their system has frozen, prompting them to enter their Apple ID credentials.
Security researchers at LayerX Labs have uncovered a deceptive phishing attack that initially targeted Windows users but has now shifted its focus to Macs. This scheme tricks users into believing their device is compromised, urging them to enter their Apple ID credentials.
The attack begins with fraudulent security alerts popping up during web browsing, warning that the Mac is “compromised” and “locked.” To heighten the sense of urgency, the webpage appears frozen, reinforcing the illusion of a critical failure. A fake prompt then requests the user’s Mac username and password, along with a phone number for supposed “support.”
LayerX Labs provided a screenshot of the scam in action, revealing several telltale signs that expose the deception. The design doesn’t conform to Apple’s style, and even the name “macOS” is incorrectly formatted, small details that hint at foul play. Meanwhile, a phone number listed for “assistance” led Macworld investigators to an unavailable automated message, proving it’s a fake line with no real support.
The scam often ensnares users through innocent typos, mistyped URLs directing them to compromised domain parking pages that host the phishing attack. Initially, cybercriminals focused on Windows users, but enhanced security measures by Microsoft, Google, and Mozilla effectively blocked the attack. Now, the fraudsters have turned their sights on Mac users.
How to Stay Safe from Web Phishing Scams:
Protecting yourself from phishing attacks starts with awareness and a few simple precautions.
- Double-Check URLs: Always verify the web address you’re typing into your browser. A small typo can lead you to a fraudulent site designed to steal your information.
- Use Bookmarks: Save frequently visited websites as bookmarks to avoid manually entering URLs each time, this minimizes the risk of mistyped addresses leading to phishing traps.
- Search Smart: If you’re unsure about a URL, use a search engine to find the site you’re looking for. Before clicking, review the displayed link to ensure it directs you to the legitimate page.
Statistics: Posted by Saul — Tue May 13, 2025 10:02 am
