Apple Phishing Is on the Rise

Whereas Apple computer infections show a growing trend, users can fall victim to other cyber-attacks that involve phishing and may lead to identity theft, financial losses, and other serious issues. Phishing is one of the dominating forms of today’s online attacks. With social engineering at its core, it mainly relies on booby-trapped links, typically arriving with emails, to hoodwink recipients into disclosing their personal information to fraudsters.

The particularly unnerving thing is that phishing kits available on darknet sources can be easily accessed by individuals who don’t have a solid programming background. It means that even people with basic computer skills may zero in on you.

Here’s some food for thought: there are currently about 1.5 billion Apple devices in use worldwide. All of them require unique Apple IDs to access the manufacturer’s proprietary services such as iCloud, App Store, iMessage, Apple TV, Apple Music, FaceTime, and many others. It means the potential attack audience is huge and the entry point is the Apple ID password, one secret combo of characters and numbers.

Why may fraudsters want to steal your Apple ID?

Apple ID is your key to using all Apple services and implies unlimited access to a plethora of sensitive information. Here’s a brief overview of its common use cases:

  • No matter if you own an iDevice or a Mac, you use your Apple ID to sign in to it and unleash its full potential and features. It’s within the realms of possibility that it will also be a way to log in to Apple’s future self-driving electric car, which is rumored to be a work in progress at this point.
  • Apple ID retains your payment and shipping details to facilitate the process of buying apps, service subscriptions, and devices from Apple.
  • Your Apple ID is the conduit to accessing your security settings and extensive details on all app and service purchases you completed with it.
  • You use Apple ID to access your iCloud account, a place where you store your photos, videos, and other personal data. If stolen, these files can be mishandled to perpetrate blackmail attacks.

Techniques used to dupe you into visiting Apple ID phishing pages

The scammers’ repertoire spans quite a few types of Apple ID phishing mechanisms. Familiarize yourself with some of the most widespread methods to make sure you don’t fall for them down the road.

  1. Spoof payment statement email

You should be able to identify this phishing attempt by looking at the subject line of the received email. It says “Payment Statement,” “Receipt ID,” “Receipt Order,” or something similar. The goal of this phony message is to make you think your credit card has been used to pay for some products or services.

The natural reaction of most users is to plunge headlong into canceling the order they are clueless about. The email contains a link you can click to supposedly go to the appropriate billing information page. Instead, you will be redirected to a phishing site that instructs you to verify your personal data, including your credit card number and Apple ID password.

There are usually a few giveaways in these emails. First off, the sender field will contain a string that isn’t a valid Apple email address. Furthermore, the message may contain an attachment in MS Word format, a type of file Apple wouldn’t send to its customers. Also, pay attention to the URL that shows up when you hover the mouse over the “Cancel and Manage Orders” (or similar) link – it’s typically something absolutely unrelated to Apple.

With that said, you should refrain from clicking any suspicious links received via email. Unfortunately, there are payment-related phishing messages that look really true to life and feign urgency. They may forward you to a web page that looks just like the legit Apple site, except that some words can be misspelled and the navigation icons at the top aren’t clickable. You should exert caution with dubious emails like that.

  1. Apple ID fraudulent phone calls

Hoaxes aimed at wheedling out Apple IDs don’t only revolve around sketchy emails. Some of them may cash in on scam phone calls. To instill a false sense of legitimacy into users, crooks often take advantage of the caller ID spoofing trick so that the phone number displayed on your phone looks like a real Apple number. When you look at the call details, they may even include the authentic company logo and official website. The impostors will usually ask you to provide your sensitive details for account validation or to ensure that you comply with the purportedly updated Terms of Service and can continue to use certain features.

  1. Bogus text messages

Apple ID phishing campaigns can also involve text messages sent to your phone. They typically say something like “Your Apple account is suspended” and instruct you to follow a link to find out how to sort out the alleged predicament. You’ll be asked to enter your personal information in a fake form on the linked-to website mimicking an Apple support page.

  1. Misleading pop-ups

This type of phishing originally surfaced as a proof of concept, and fortunately, there have been no reports about real-world attacks of that sort so far. However, a researcher named Felix Krause has demonstrated that it’s a viable exploitation vector, and therefore such phishing attempts may appear in the wild anytime soon.

The idea is simple: a malicious app triggers a rogue dialog asking the victim to enter their Apple ID password to sign in to the iTunes store. The authentication details go to the attacker once typed in. Most users take such pop-ups for granted and don’t mind entering their sensitive information to keep using an app they like. To top it off, the alerts look identical to ones routinely generated by iOS.

To check whether the dialog is legit, the above-mentioned security enthusiast recommends tapping the Home button. If the application quits, then you are definitely dealing with a spoof pop up. If it doesn’t close, there is no reason to worry because it’s a genuine iOS request. The difference is that regular system pop-ups like that stem from a separate process rather than posing as a component of an application.

Best practice tips to identify Apple phishing attempts

Although some phishing hoaxes may be harder to pinpoint than others, all of them share a number of telltale signs. Here are some common red flags to look out for:

  • Spelling and grammar inaccuracies;
  • Incompetently designed an email or web page;
  • Dubious sender address unrelated to Apple;
  • Requests to verify sensitive info over email or phone (something Apple never does);
  • Suspicious-looking or shortened hyperlinks;
  • Dodgy email attachments.

How to avoid falling victim to Apple ID phishing scams?

In order to be a moving target, adhere to a number of practices that will help you keep your Apple ID intact and strengthen your personal security posture overall.

  • Stay abreast of cybersecurity news covered by reputable sources.
  • Opt for web browsers equipped with anti-phishing features (Google Chrome is a good example).
  • Abstain from opening email attachments sent by someone you don’t know.
  • Get into the habit of hovering your mouse over hyperlinks before you click. If you notice the slightest hint of danger, don’t click the link.
  • Set up 2FA (two-factor authentication) for your Apple ID and other personal accounts.
  • Make sure you are using the latest macOS or iOS version supported by your device.

Additionally, you should do your homework and peruse some security tips provided by Apple. Many users don’t bother exploring these recommendations until they have been scammed. You are better off safeguarding your accounts proactively and nurturing your phishing awareness. Here are the sources on your must-read checklist: