Email from family member turned out to be a phishing scam - help

mly wrote:

This particular phishing scam opens an internet browser taking you to an "exe" file which I know is PC/Windows based but, I read an online account where someone using a Mac still had issues.

Without knowledge of the referenced online account, and given your reticence here, what may or may not have happened to that account and what may of happened here is entirely unclear.

Once the web browser opened, did you actually download and then run some app? If you did, shut down now, wipe, reinstall from a pre-breach backup, enable two-factor authentication, and get to work changing all of your passwords and passcodes and tokens immediately.

If you actually downloaded a Windows app (and still have it in your download folder to check), then those don’t work and don’t run on macOS, or most anything other than Windows. They’re harmless else-platform, and no further steps need be taken. (I would, however, review the security recommendations, backups, unique and robust passwords, and enabling two-factor.)

There are, however, phishing campaigns that will detect and download platform-specific tools, or (less commonly) cross-platform tools.

That really all depends on what info you revealed.

A compromised email is bad enough, but if that email is also a 2nd factor for authentication to another service (or used for account recovery), it can rapidly become exponentially worse.

If any of your Apple credentials were potentially revealed, see this:

If you think your Apple Account has been compromised - Apple Support

Performing audit of all of your Apple Account info AND connected devices is a good idea anytime.

https://account.apple.com/

If you didn’t run anything, there are very likely no issues here.

What to do? Two-factor enabled where available, robust and unique passwords, backups, addressing Apple’s security recommendations, etc.

Related: Better Securing Your Data, and Apple Acco… - Apple Community

As for phishing from “yourself” and from your circle of contacts (including work email and mail from “coworkers”), that has a long history and is only becoming easier and more ubiquitous with the increasing volumes of data from myriad breaches.

Everybody is going to fall for phishing or spear-phishing sooner or later. Too much leaked data is sloshing around.

Use unique and robust passwords, and do not re-use passwords.

Enable two-factor authentication, if not already enabled.

Review the Apple Security Recommendations for your accounts, and resolve findings as appropriate.

Have backups. Backups are the only way to mark data as being valuable.

As for what happened here, as mentioned, that depends greatly on what was requested and revealed.

Re: “… too much leaked data is sloshing around … “

A very apt descriptor. 👏