Filtered by: Scitech
SciTech

Kaspersky notes rise in phishing scams targeting Apple


With Apple's popularity rising, cybercriminals are targeting users of its various products and services, as shown by a rise in phishing scams trying to get Apple ID data, a security vendor reported.
 
Kaspersky Labs said these cybercriminals want personal information stored in iCloud and the purchases made in Apple's iTunes Store - and even bank details used to pay for those purchases.
 
"The scammers make use of phishing sites that imitate the official apple.com site. Since the beginning of 2012 until the present time this has resulted in a significant increase in the number of web antivirus detections triggered by users of our products attempting to visit such sites," it said (http://www.securelist.com/en/blog/8108/Apple_of_discord).
 
From 2012 to now, it noted an average of 200,000 detections per day. This was a far cry from 2011 when the figure stood at merely 1,000 detections per day.
 
Kaspersky noted a rise in web antivirus detections for fake apple.com phishing sites.
 
It cited a peak in such sites on December 6, 2012 with 939,549 detections; and May 1, 2013 with 856,025 detections.
 
"This periodic surge in cybercriminal activity and the resulting increase in web antivirus detections can be put down to important events in the life of Apple. For example, December's peak occurred immediately after the iTunes Store opened in Russia, Turkey, India, South Africa and 52 other countries around the world," it said.
 
Kaspersky warned users against clicking on links in emails, which it said may lead to phishing sites.
 
"For example, cybercriminals send out emails on behalf of Apple in which they ask the recipient to confirm their account by following a link in the message. The link leads to a fake website where users are asked to enter their Apple ID and password - this data is then stolen by the cybercriminals and used for their own ends," it said.
 
But in many cases, users can tell they are being scammed by looking at the address line - "it may contain 'apple.com' in one form or another, but even a less experienced user could spot the fake address."
 
Scammers can also add additional elements to a page such as an image showing an address line with the legitimate address, it said.
 
Kaspersky also advised users to activate two-factor authentication for Apple ID, which involves a four-digit verification code sent to one or more trusted devices.
 
Yet, it said this will not protect a user from losing money if a user provides cybercriminals with his or her bank details.
 
"Therefore, if you receive a message in the name of Apple or one of its employees, be careful: it's worth calling the technical support people at the company to make absolutely sure it is legitimate," it said.  — ELR, GMA News
More Videos
LOADING CONTENT