Overview

• The phishing campaign, previously targeting Windows users, now focuses on macOS and Safari due to gaps in anti-scareware protections.
• Attackers use typosquatted URLs and browser-freezing tactics to make fake Apple security warnings appear legitimate.
• Victims are tricked into entering Apple ID credentials or calling fake support numbers, risking data theft and extortion.
• The campaign is noted for its sophistication, with tactics rarely seen in phishing attacks targeting Mac users.
• Experts recommend verifying website URLs, avoiding interaction with suspicious pop-ups, and installing antivirus software to mitigate risks.