Apple IDs hit by new wave of phishing attacks

Apple IDs appear to be the latest target of a new wave of phishing attacks, as shown by a spike in phishing sites featuring fake Apple ID pages, a security vendor said.

 

In a blog post, Trend Micro said pages that spoof the Apple ID login page have been appearing on severael compromised sites.

 

"Some versions of this attack ask not only for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information. It will eventually result in a page that states that access has been restored, but of course the information has been stolen," it said.

 

It said it has identified at least 110 compromised sites, all hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area.

 

Almost all of these sites have not been cleaned, it noted.

 

"Technically, the sites were only compromised, but not hacked (as the original content was not modified). It’s possible, however, that the sites may be hacked or defaced if the site stays compromised," it added.

 

It also noted the increased attacks target "not only American users, but also British and French users."

 

Trend Micro said prospective victims may be redirected to the phishing sites via spam messages that state that the user’s account will expire unless their information is subject to an “audit.”

 

Usually, such threats get users to click on the link. "It puts them in a mindset willing to give up information," it said.

 

Trend Micro advised the public they can identify the phishing sites because they do not display any indications that the site is secure, such as a browser padlock and “Apple Inc. [US]” part of the toolbar.

 

On the other hand, Trend Micro encouraged users to enable Apple's recently rolled out two-factor authentication for added protection. — TJD, GMA News