Phishing attacks reaching macOS users look set to more than double this year, with emails specifically claiming to be from Apple growing at 30%-40% per year.

In the first half of this year, around 1.6 million phishing attacks attempting to fool people into using their Apple ID credentials to log in to a fake Apple website were detected by a security company…

Kaspersky says that its figures reflect only attacks on Macs running its own security software — many of which are in corporate environments — suggesting that the true total number of phishing attempts is very much higher.

Phishing attacks: what to watch for

For phishing attempts aimed at stealing Apple logins, the most common ones are:

  • Claiming that your Apple account is “locked” and you need to “confirm” it to restore access
  • Sending a receipt for an expensive claimed purchase, with a “Cancel” link
  • A message from “Apple Support” claiming to have detected problems with the Mac

By far the greatest number of phishing attempts, however, impersonate banks. Although the hit rate will be low — only a tiny proportion of those receiving any given email will have an account with the bank in question — the potential rewards of gaining access are huge.

Only ever visit your bank from your own bookmarks or by manually typing the URL: Never click on a link in an email.

It’s difficult for an attacker to install a virus in macOS, so the vast majority of malware — malicious apps — targeted at Macs is adware. These fake apps do things like hijack browsers to display ads from hacker ad networks instead of the normal ads running on the sites visited. These can also change a browser’s homepage and the default search engine.

Protection against malware is straightforward: Only ever install apps from the Mac App Store or the known website of a trusted developer. The most common route for getting malware onto a Mac is via a fake Flash Player update, so, again, you can help friends by letting them know they should always ignore these — and preferably not allow Flash on their Mac at all.