Skip to main content

Here’s why phishing attacks against Macs are rising at an alarming rate

Is your Mac safe from phishing? Kaspersky says it’s not

It’s a commonly held belief that Macs are immune to malware. But while the risk of attack for Apple’s computers is much less than that faced by their Windows counterparts, they can still be compromised and infected — just look at the Zoom infection that occurred earlier this year.

This point about the ongoing vulnerability of Macs has been rammed home by antivirus firm Kaspersky, which just published a report claiming that phishing attacks on Mac users could double from their 2018 rates by the end of this year. That’s an alarming trend for anyone using one of Apple’s computers.

The firm said that in the first half of 2019, its software detected almost 6 million phishing attacks targeted at Mac users, with 1.6 million attacks making use of the Apple brand name by June 2019. A phishing attack is one where a malicious actor attempts to trick you into giving away sensitive information — for example, by sending you an email masquerading as an Apple message and asking for your Apple ID login info, which can then be used to make fraudulent purchases.

Kaspersky’s software detected 852,293 phishing attacks on MacOS in 2015. That rose 86% to 1.5 million in 2016, then grew to 4 million by 2017. There were 7.3 million attacks in 2018, and the company has detected 5,932,195 attacks so far in 2019. It predicts that if the growth continues at its current rate, there could be over 16 million attacks targeted at Macs by the end of 2019, more than doubling the 2018 number.

Apple has a number of tips on how to avoid falling for phishing attacks. It will never ask for your Apple ID password or verification code in order to provide support, and will not launch browser pop-up windows warning you that your Mac is infected. If you get an unsolicited phone call from someone claiming to be from Apple, hang up and contact Apple directly.

However, there is a degree of good news in Kaspersky’s report. Both the number of malicious files in the wild that target Mac users and the number of times Kaspersky products detected malware and potentially unwanted software on Macs look to be declining in 2019 compared to 2018. That suggests that bad actors are refocusing their Mac efforts on phishing rather than on viruses and other malware files.

Kaspersky’s report outlined that, although both the number of malware attacks and the number of affected users have both been increasing annually since 2012, in 2018 the number of affected users actually dropped noticeably from around 255,000 to 87,000. Indeed, the company concluded that “the era of explosive growth [of Mac malware] seems to be behind us, and we cannot but notice the decline in the activity of cybercriminals on this platform.”

Instead of full-fledged viruses, most of the Mac malware detected by Kaspersky was adware — in other words, malicious files that run ads in as many places on your Mac as possible — which requires much less effort to create than a virus. Kaspersky’s report speculated that, “The reasons for this are both the fact that there are fewer potential victims and the efforts that Apple is making to protect its customers.”

It’s worth noting that this is only a partial picture, as it only includes attacks detected by Kaspersky’s Mac software. Attacks on Mac users who were running different antivirus apps (or weren’t running antivirus software at all) didn’t enter the picture, so the total number of attacks is likely to be higher.

If you’re looking to protect your Mac, you should install an antivirus app. We’ve rounded up your best options to help remove the guesswork in keeping you safe on your Mac.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Here’s why people are saying to buy the M1 MacBook Air instead of the M2
Apple MacBook Air M1 open, on a table.

The once highly anticipated M2 MacBook Air is finally out. But despite how great the design looks, many potential buyers are instead turning to the M1 MacBook Air, a laptop that's nearly two years old.

Apple still sells it, of course, and as plenty of reviewers and commentators have pointed out, it may prove to be the better option for many people -- and there are three main reasons why.

Read more
Here’s why people are saying to avoid the $1,199 M2 MacBook Air
The keyboard of the MacBook Air.

Apple's latest MacBook Air with the new M2 chip has been controversial, to say the least. The new MacBook Air features a refreshed design and is the successor to the M1, Apple's new M2 system-on-a-chip.

But since the new M2 MacBook Air dropped, tech reviewers, experts, and regular people are saying you should avoid the base configuration of this new machine due to some pretty substantial performance issues. For a more affordable laptop, this is a frustrating bind that potential MacBook Air buyers are being put in.

Read more
This MacOS Trojan stealthily lifts your data, says Microsoft
The screen of the 2021 MacBook Pro.

You might think that your Mac is invulnerable to viruses and other security threats, but you might want to think again. As part of its commitment to intelligence sharing and collaboration, Microsoft recently exposed the evolution of a MacOS Trojan that can stealthily lift your personal data.

First spotted in September 2020, Microsoft says this piece of malware, known as UpdateAgent,  has increasingly progressed to "sophisticated capabilities." Though it also indicated that the latest two versions are still more "refined," Microsoft does warn that the malware is again being developed, and more updates could come soon.

Read more