Watch out for phishing attacks that can steal Apple ID passwords very hard to detect
Felix Krause, the iOS developer and founder of Fastlane.Tools, describes a nearly undetectable phishing attack, explaining how iOS apps poisoned to steal Apple ID passwords to access iCloud accounts and personal data.
Looking at the 2 images of the iCloud password asking iPhone users below, you can distinguish what is real, what is fake?
The screen requires entering iCloud password
At first glance, these two screens are identical, but the pop-up shown on the second picture is just a fake - a perfect attack is used to trick those who are not careful.
Felix Krause, the iOS developer and founder of Fastlane.Tools, describes a nearly undetectable phishing attack, explaining how iOS apps poisoned to steal Apple ID passwords to access iCloud accounts and personal data.
According to Krause's post, the iOS app only needs to use UIAlertController to display a fake dialog, mimicking the look and language that Apple uses. This makes it easier for hackers to persuade users to give Apple ID passwords without a doubt.
'iOS can ask users for iTunes passwords for a variety of reasons, most commonly updating iOS operating systems or applications. At that time, users often enter their Apple ID password without question, 'Krause said. 'However, these pop-ups are not only displayed on the lock screen, Home but also in the app, for example when accessing iCloud, Game Center or IAP'.
The app developer can also create fake alerts without knowing the user's email because sometimes Apple does the same as shown below.
Login without user email
Although there is no evidence of an attacker exploiting this trick, Krause says that it is easy to copy the system notification dialog, any standalone application can do it. For security reasons, he did not give the actual source of pop-ups when describing this attack.
This is how to prevent this type of smart phishing attack
Krause advises users to press the Home button when suspicious dialog boxes appear. If this operation closes the application and the dialog box is a scam. If both the dialog and the application are still there, that's true Apple.
'The reason is that the system dialog is running on another process, not part of the iOS app'.
Krause also recommends that users avoid entering information into any pop-ups, instead opening Settings and filling in them, as well as how users are encouraged not to click on the link received via email and then visit the website itself.
Even more important is the use of two-factor authentication, even when a password is available, the attacker does not get an OTP.
You should read it
- Forgot your iCloud password and the fastest way to recover
- How to change iCloud password?
- Differentiate Apple ID and iCloud
- Users can now manage iCloud passwords directly on Windows
- How to check the password of iCloud Keychain
- How to fix iCloud error requires login on iPhone and iPad
- iPhone keeps asking for iCloud password, how to fix it?
- iPhone forgot screen and iCloud password, how to get it back quickly
- How to remove iphone icloud activation lock without password
- How to icloud activation unlock using UltFone Activation Unlocker tool
- How to recover forgotten iCloud, iTunes, Apple ID passwords on iPhone and iPad
- Forgot Apple ID password, how to quickly recover Apple ID password