Header Ads

/ /

Do You Have an Apple ID? Better Check If You’ve Been a Phising Target

May 03, 2013


The spoofed directory is as clean and as valid-looking as the original.

Contrary to popular belief that Apple is immune to virus and cyber attacks, phishers have now realigned their fire on a relatively new target: Apple IDs. According to Trend Micro’s Trend Labs, “there was a consistent pattern to the URLs of these phishing sites. They are under a folder named ~flight. Technically, the sites were only compromised, but not hacked (as the original content was not modified). It’s possible, however, that the sites may be hacked or defaced if the site stays compromised.”

Interestingly, trying to access the folder itself will load the following page:

Access the ~flight folder and this is what will come out on your screen.

Trend Micro has identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. The directory contains pages that spoofed the Apple ID login page fairly closely and asks not only for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information. It will then forward targets to a page that states that access has been restored, but of course the information has been stolen.

Records show that 2013 saw a significant increase in phishing sites targeting Apple IDs. Interestingly, attacks are not exclusive to the US.

There is a big increase in phising attacks, only 15 weeks in 2013.

Detection is Better Than Cure
According to Trend Micro, “one way to identify these phishing sites is that the fake sites do not display any indications that you are at a secure site (like the padlock and “Apple Inc. [US]” part of the toolbar).

Check the legitimacy of the messages if they match. Legitimate messages have matching domains all around – where they were sent from, where any links go to.

“The mere appearance of the email isn’t enough to judge, as very legitimate-looking emails have been used maliciously. Users are likewise encouraged to enable the two-factor authentication that Apple ID recently introduced, for added protection,” Trend Micro said.


Back to top

Top trending post

Share This


No comments:

Subscribe to: Post Comments ( Atom )
Powered by Blogger.