September 11, 2019

Kaspersky Research Finds Continued Growth in Cyberthreats to Apple Users


Woburn, MA – September 11, 2019 – According to the new Threats to MacOS Users report from Kaspersky, the number of phishing attacks disguised as the Apple brand, has reached 1.6 million in just the first half of 2019. Furthermore, phishing scams targeting MacOS users continue to grow, with the report showing in the same timeframe, almost 6 million attacks on these users detected.

As Kaspersky research shows, in the first six months of this year, the number of cases where victims faced fraudulent web pages mimicking Apple’s brand has increased nine percent higher than all of 2018, where Kaspersky’s security solutions prevented more than 1.49 million attempts to access Apple-themed phishing pages.

While the volume of malicious software threatening users of MacOS and the iOS mobile platform is much lower than the amount threating users of Windows and Android platforms, when it comes to phishing, things are quite different. Being that they rely on social engineering, most phishing attacks have nothing to do with software.

Among the most frequent fraud schemes are those designed to resemble the iCloud service interface and to steal credentials to Apple ID accounts. Links to such services usually come from spam emails, which pose as emails from technical support and often threaten to block user accounts should they not click the link.

Another widespread scheme is the use of scaremongering pages that try to convince people that their computer is under serious security threat and it will only take a couple of clicks and a few dollars to solve those issues.

“While technically these fraud schemes are nothing new, we believe they pose an even greater danger to Apple users than similar schemes against users of other platforms – such as Windows or Android,” said Tatyana Sidorina, security researcher at Kaspersky. “That is because the ecosystem around Macs and other Apple devices is generally considered a far safer environment. Therefore users might be less cautious when they encounter fake websites. Meanwhile the successful theft of iCloud account credentials could lead to serious consequences. We urge users of Apple devices to pay more attention to any emails they receive claiming to be from technical support, which request your details or ask you to visit a link.”

In addition to a rise in phishing, the report also revealed other types of threats to users of MacOS-based devices. Findings show, the most common threats for Mac users are AdWare, which are defined as ‘potentially unwanted programs’. Most are threatening to overload their devices with unrequested advertisements, those targeted should use caution as some turn out to be a disguise for more serious threats.

Other findings of the report include:

  • The total number of phishing attacks detected in the first half of 2019 on Mac computers protected by Kaspersky solutions was almost 6 million. Where 7.3 million hits were detected in all of 2018.
  • 95% of them were aimed at stealing users’ financial data. That is 10 percentage points more than in the first half of 2018.
  • Unites States MacOS users have the highest rate of unique users, 24.4%, that were attacked in the first half of 2019, with Germany coming in second with 14.6% of users attacked.
  • The most active malware to hit MacOS users were variations of the Shlayer family, that succeeded in distribution by disguising itself as Adobe Flash Player updates.

To keep your devices safe, Kaspersky recommends:

  • Keeping MacOS and all of your apps and programs up to date.
  • Using only legitimate software, downloaded from official webpages or installed from the Mac App Store.
  • Starting to use a reliable security solution like Kaspersky Internet Securitythat delivers advanced protection on Mac, as well as on PC and mobile devices.

This research is based on threat statistics voluntarily shared by users of Kaspersky Security Network, a global cloud infrastructure designed for immediate response to emerging cyberthreats.

Read the full text of the report on Securelist.com

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact
Gayle Landry
781-503-1800
Gayle.Landry@Kaspersky.com