• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • New Phishing Attack Targets Users with Apple IDs Through Compromised Sites


    A new report is urging web users to be cautious in their surfing habits as more than a hundred websites have been compromised by phishers who are seeking to steal visitors’ Apple IDs. The last two weeks have seen a significant spike in the number of phishing sites on the web targeting Apple IDs according to Trend Micro’s Security Intelligence blog. The blog pointed out on Tuesday that the newest trend appears to involve compromising a site and adding the phishing pages to a folder named ~flight. The files in the folder display a page designed to look like a login page for Apple’s services, encouraging the user to enter an Apple ID, credit card security code, and password.

    The second part of the phishing attack relies on spam emails urging the recipient to submit their information for an “audit” and that their account would expire in 48 hours if they don’t. The email, which is designed to somewhat resemble an actual communication from Apple, links to the phishing page and prepares them to give up their login information.

    As of right now, Trend Micro identified 110 compromised sites, all of which were hosted by the IP address 70.86.13.17. The address is one that is registered to a Houston-area ISP and almost none of the sites affected have been cleaned. As Apple IDs are typically tied to their owners’ credit cards, the security surrounding them is seemingly quite important. Apple gave users the option to enable two-factor authentication for their Apple IDs, making it necessary to verify a user’s identity before changing account options., or making purchases from a new device. According to Trend Micro, users should enable this option for added protection.

    This new scam is just the latest in a line of phishing attacks targeting Apple customers. There have been several well-crafted phishing scams in the past that all encouraged users to give up their data, saying that their billing information records were “out of date.” Apple has been building anti-phishing measures into its Safari browser and improving iTunes account securities as a result.

    Source: Trend Micro (blog) via The Next Web
    This article was originally published in forum thread: New Phishing Attack Targets Users with Apple IDs Through Compromised Sites started by Akshay Masand View original post
    Comments 11 Comments
    1. b1997469's Avatar
      b1997469 -
      And the iPad still has no virus scanner so it cant stop these attacks.
    1. Reeiiko's Avatar
      Reeiiko -
      HAHAHHAHA people actually still fall for phishing sites?
    1. andygev35's Avatar
      andygev35 -
      Quote Originally Posted by Reeiiko View Post
      HAHAHHAHA people actually still fall for phishing sites?
      While it isn't the least bit funny, I also wonder how people still fall for them as well...
    1. holyshnikes's Avatar
      holyshnikes -
      Quote Originally Posted by b1997469 View Post
      And the iPad still has no virus scanner so it cant stop these attacks.
      Um...correct me if I'm wrong, but its not a virus. It's a website. One made to look like apples. So the unknown person thinking they're logging into apples secure server is really giving up their Apple ID and password. Looks to me it can happen on any computer, tablet, or phone.
    1. Bhp41's Avatar
      Bhp41 -
      Quote Originally Posted by b1997469 View Post
      And the iPad still has no virus scanner so it cant stop these attacks.
      You have absolutely no idea what the F you're talking about. People like you are their main target.
    1. crouching's Avatar
      crouching -
      Quote Originally Posted by b1997469 View Post
      And the iPad still has no virus scanner so it cant stop these attacks.

    1. iRevival's Avatar
      iRevival -
      lol. The virus scanner on your computer wont detect it either. It's a website that is made to look like a legitimate apple site. People just need to pay attention. I've gone ahead and enabled the 2 step verification anyway. I've done that with google too and use their authenticator. Gives me much more peace of mind.
    1. ThatOneProfile's Avatar
      ThatOneProfile -
      Are you people serious? I received an email but it landed in my spam folder. Common sense would save you here. Not a virus protector.
    1. iH85CH001's Avatar
      iH85CH001 -
      Quote Originally Posted by b1997469 View Post
      And the iPad still has no virus scanner so it cant stop these attacks.
      I've often wondered when antivirus programs will come for iDevices...

      Quote Originally Posted by b1997469 View Post
      And the iPad still has no virus scanner so it cant stop these attacks.
      I've often wondered when antivirus programs would come for iDevices...
    1. swifty7's Avatar
      swifty7 -
      these thieves can access my apples id's credit number any time they want.....not much they can do with it but they're welcome non the less. I LOVE!!!! the shopsafe feature of my credit card.
    1. At3eS's Avatar
      At3eS -
      Quote Originally Posted by crouching View Post
      roflmao