Apple users are being
warned to stay vigilant following the discovery of a new series of
phishing attacks targeting the Apple ID network.
Researchers at Trend Micro have uncovered
a series of compromised sites that are being used to host fake login
pages. Designed to resemble the Apple ID login screen, the pages ask
users to enter both their usernames and passwords.
The compromised credentials are then believed to be harvested by the attackers for future use in account thefts.
Researchers noted that the phishing sites
have been connected to a spam campaign as well. Designed to resemble an
official Apple notification, the messages attempt to direct users to
the phishing sites by warning of an impending account removal.
"We’ve seen attacks targeting not only American users, but also British and French users," wrote Paul Pajares, Trend Micro's fraud analyst.
"Some versions of this attack ask not
only for the user's Apple ID login credentials, but also their billing
address and other personal and credit card information."
Though the pages themselves are designed
to closely resemble the Apple ID site, researchers note that the address
information itself can easily be spotted. Aside from not matching
Apple's own domains, the pages do not use the secure connection required
by Apple to log into its ID platform.
In addition to using best practices to
avoid spam sites, users can protect themselves from account theft by
activating Apple's new two-factor authentication platform.
Introduced by the company last month, the
security tool pairs an account with a user's mobile phone and asks for a
one-time use numerical code, which is sent via SMS. Such two-factor
controls have long been advocated by security experts for their ability
to prevent account loss even when a user's login credentials are stolen.
No comments:
Post a Comment