A scareware campaign phishing for login credentials recently switched from targeting Windows to macOS. Throughout 2024 and in early 2025, the attacks targeted Windows users. The malicious code caused the webpages to freeze, creating the illusion of an issue, and the victim was instructed to provide their Windows username and password. Recently, Chrome, Firefox, and Microsoft Edge received new anti-scareware capabilities, which led to a 90% drop in Windows-targeted attacks, and forced the threat actors to switch focus to macOS users, who are not protected by these defense mechanisms.

Read more: https://www.securityweek.com/scareware-combined-with-phishing-in-attacks-targeting-macos-users/