Contents
Cyber Attack
A new cyberattack is targeting iPhone users, with criminals attempting to obtain individuals’ Apple IDs in a “phishing” campaign, security software company Symantec said in an alert Monday. Cyber criminals are sending text messages to iPhone users in the U.S. that appear to be from Apple, but are in fact an attempt at stealing victims’ personal credentials. “Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims,” Symantec said. “These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases.”
Consumers are also more likely to trust communications that appear to come from a trusted brand like Apple, warned Symantec, which is owned by Broadcom, a maker of semiconductors and infrastructure software.The malicious SMS messages appear to come from Apple and encourage recipients to click a link and sign in to their iCloud accounts. For example, a phishing text could say: “Apple important request iCloud: Visit signing au then -connexion.
info/icloud to continue using your services.” Recipients are also asked to complete a CAPTCHA challenge in order to appear legitimate, before they’re directed to a fake iCloud login page. Such cyberattacks are commonly referred to as “smishing” schemes in which criminals use fake text messages from purportedly reputable organizations, rather than email, to lure people into sharing personal information, such as account passwords and credit card data.
A California-based security firm has issued a new warning to iPhone users after finding that cybercriminals are actively seeking to exploit Apple IDs through malicious SMS messages.These forms of scams, also known as SMS phishing, are designed to trick recipients into revealing their Apple ID credentials. It is also used by hackers to access other sensitive information or to install malicious software on the devices of iPhone users.
“These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases,” Symantec owner Broadcom Inc. said in a notice on its website on July 2.“Additionally, Apple’s strong brand reputation makes users more susceptible to trusting deceptive communications that appear to be from Apple, further enhancing the attractiveness of these targets to cybercriminals. Apple did not immediately respond to an emailed request for comment from NTD.
Harden your iPhone from a cyberattack with Lockdown Mode
Lockdown Mode is an extreme protection feature for iPhone. Its protections include safer wireless connectivity defaults, media handling, media sharing defaults, sandboxing, and network security optimizations. Lockdown Mode is optional and should be used only if you believe you might be targeted by a highly sophisticated cyberattack, such as by a private company developing state-sponsored mercenary spyware.
Important: Most people are never targeted by attacks of this nature.
When iPhone is in Lockdown Mode, it doesn’t function as it typically does. Apps, websites, and features are strictly limited for security, and some functionality isn’t available, including:
1) Share Play
2) Shared Albums
3) FaceTime Live Photos
4) FaceTime Continuity Handoff
In addition, your iPhone must be unlocked to connect with wired accessories. (Some connections are permitted for a short time after going into Lockdown Mode.)
Turn on Lockdown Mode
Go to Settings > Privacy & Security > Lockdown Mode, then tap Turn On Lockdown Mode.
If you’ve set up an Apple Watch with your iPhone, turning on Lockdown Mode also turns it on for the paired Apple Watch (requires watches 10 or later).
How to protect yourself
Be cautious about opening any text messages that appear to be sent from Apple. Always check the source of the message — if it’s from a random phone number, the iPhone maker is almost certainly not likely not to be the sender. iPhone users should also avoid clicking on links inviting people to access their iCloud account; instead, go to login pages directly.
“If you’re suspicious about an unexpected message, call, or request for personal information, such as your email address, phone number, password, security code, or money, it’s safer to presume that it’s a scam — contact that company directly if you need to,” Apple said in a post on avoiding scams.
Apple urges users to always enable two-factor authentication for Apple ID for extra security and to make it harder to access to your account from another device. It is “designed to make sure that you’re the only person who can access your account,” Apple said.
Apple adds that its own support representatives will never send its users a link to a website and ask them to sign in, or to provide your password, device passcode, or two-factor authentication code. “If someone claiming to be from Apple asks you for any of the above, they are a scammer engaging in a social engineering attack. Hang up the call or otherwise terminate contact with them,” the company said. The Federal Trade Commission also recommends setting up your computer and mobile phone so that security software is updated automatically.
Identifying the Scam
Symantec said in the notice that it discovered “a very recent case” of “smishing” in the United States involving hackers distributing deceptive SMS messages that appeared to be from Apple. One such SMS message observed by the cybersecurity company and sent to iPhone users read: “Apple important request iCloud: Visit signing authen-connexion info/iCloud to continue using your services.”
Upon clicking the malicious link, iPhone users were directed to a webpage mimicking an outdated iCloud login template where they’re encouraged to hand over their credentials, according to the notice. In addition, scammers also included a CAPTCHA—a type of challenge-response authentication used to determine whether the user is human—to the fake website that users had to complete before proceeding in order to make the phishing attack appear more legitimate, the company said.
Symantec also pointed out that the fake website could be accessed via desktop or mobile browsers, which the cybersecurity firm said is unusual for SMS phishing. Typically, smishing actors restrict access to their malicious websites to users on mobile browsers and specific regions to evade detection by monitoring systems,” the company said.
Tips to Avoid Phishing
In guidelines published on Apple’s support page on July 4, the tech giant said hackers will often convey a desire to help iPhone users resolve an immediate problem. “They may claim that someone broke into your iPhone or iCloud account, or made unauthorized charges using Apple Pay. The scammer will claim they want to help you stop the attacker or reverse the charges,” the guidelines read.
Apple also said scammers might ask iPhone users to disable security features like two-factor authentication or Stolen Device Protection. “They will claim that this is necessary to help stop an attack or to allow you to regain control of your account,” the company said. “However, they are trying to trick you into lowering your security so that they can carry out their own attack.”
Apple underscored that it will never ask its users to disable any security feature on their devices or accounts. These types of scams are also not limited to Apple, many users have reported methods of scammers trying to trick recipients into revealing their credentials.
To avoid scams or identity theft, never open suspicious emails or click unsecured links from unknown emails, and be cautious when answering unexpected calls or messages if you don’t know the sender. If you’re offered an unfamiliar job opportunity or money, this is often a scam. Requests from charities could also be a ploy to steal information.