Over 100 Sites Compromised by New Apple ID Phishing Effort

Criminals have been stepping up their phishing efforts against Apple ID holders this week. The crooks are compromising websites, and using them to host fake login pages, which are linked to in emails sent out in an attempt to trick unsuspecting Apple users.

TNW:

The goal here is naturally to steal a user’s Apple ID, which for those who don’t know is an all-in-one account used to log into various Apple services such as iWork, iCloud, the iTunes Store, and the Apple Store. Once they gain access, criminals could buy Apple products using your credentials, impersonate you, or even blackmail you. 

The latest attacks were discovered by Trend Micro, after noticing a pattern in the URLs of relatively new phishing sites. The company investigated and discovered that the sites were compromised, but not hacked (the original content was not modified), to display pages such as this:

Trend Micro identified a total of 110 compromised sites, all hosted at just one IP address registered to an ISP in the Houston area. Trend Micro says the majority of these sites have not been cleaned of the offending code, and it’s likely the techniques can be used on other sites as well.

While phishing attacks against Apple ID holders are nothing new, the recent spike in the attacks, and the fact that sites are being compromised specifically for the purpose is worth noting.

Some versions of the phishing attempts ask not just for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information.

TNW writes, “The security firm notes users are most likely being directed to these phishing sites via spam emails. These can claim anything to trick the user into clicking, but recent ones have been telling the user that their account will expire unless their information is subject to an “audit.” According to Trend Micro, this not only gets users to click on the link, but it also puts them in a mindset willing to give up information.”

Protecting yourself from attacks such as this is simple. Don’t click on random links you receive in an email, instant message, social network, and so on. Also, always make sure to double check the URL , making sure it is correct, and secure, whenever you login to your Apple ID. Also, setup two-step verification, by visiting the Apple ID page.

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.