Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
Mac Newsforums, a part of the
05-01-2013, 10:36 PM #1
New Phishing Attack Targets Users with Apple IDs Through Compromised Sites
A new report is urging web users to be cautious in their surfing habits as more than a hundred websites have been compromised by phishers who are seeking to steal visitors’ Apple IDs. The last two weeks have seen a significant spike in the number of phishing sites on the web targeting Apple IDs according to Trend Micro’s Security Intelligence blog. The blog pointed out on Tuesday that the newest trend appears to involve compromising a site and adding the phishing pages to a folder named ~flight. The files in the folder display a page designed to look like a login page for Apple’s services, encouraging the user to enter an Apple ID, credit card security code, and password.
The second part of the phishing attack relies on spam emails urging the recipient to submit their information for an “audit” and that their account would expire in 48 hours if they don’t. The email, which is designed to somewhat resemble an actual communication from Apple, links to the phishing page and prepares them to give up their login information.
As of right now, Trend Micro identified 110 compromised sites, all of which were hosted by the IP address 188.8.131.52. The address is one that is registered to a Houston-area ISP and almost none of the sites affected have been cleaned. As Apple IDs are typically tied to their owners’ credit cards, the security surrounding them is seemingly quite important. Apple gave users the option to enable two-factor authentication for their Apple IDs, making it necessary to verify a user’s identity before changing account options., or making purchases from a new device. According to Trend Micro, users should enable this option for added protection.
This new scam is just the latest in a line of phishing attacks targeting Apple customers. There have been several well-crafted phishing scams in the past that all encouraged users to give up their data, saying that their billing information records were “out of date.” Apple has been building anti-phishing measures into its Safari browser and improving iTunes account securities as a result.
Source: Trend Micro (blog) via The Next Web
05-02-2013, 01:39 AM #2
And the iPad still has no virus scanner so it cant stop these attacks.
05-02-2013, 02:07 AM #3
HAHAHHAHA people actually still fall for phishing sites?
05-02-2013, 02:27 AM #4
05-02-2013, 03:38 AM #5
05-02-2013, 05:08 AM #6
05-02-2013, 09:18 AM #7
The Following User Says Thank You to crouching For This Useful Post:
05-02-2013, 09:57 AM #8
lol. The virus scanner on your computer wont detect it either. It's a website that is made to look like a legitimate apple site. People just need to pay attention. I've gone ahead and enabled the 2 step verification anyway. I've done that with google too and use their authenticator. Gives me much more peace of mind.
05-02-2013, 03:41 PM #9
Are you people serious? I received an email but it landed in my spam folder. Common sense would save you here. Not a virus protector.
05-02-2013, 09:03 PM #10
05-02-2013, 10:48 PM #11
these thieves can access my apples id's credit number any time they want.....not much they can do with it but they're welcome non the less. I LOVE!!!! the shopsafe feature of my credit card.
05-03-2013, 08:58 AM #12