Apple Users Hit with Phishing Attack

Wednesday, April 1, 2015 @ 04:04 PM gHale

A phishing email is going out that asks for payment card data and Apple ID credentials with the catch being Apple (the attacker) needs to info for security reasons.

The fraudulent email message does not address the recipient by name, which would be one strong indication from the beginning, and says they need to verify billing information for undisclosed security purposes.

Apple Fixes Safari Holes
Tool Cracks Apple Device Passwords
Android, iOS Apps Vulnerable to FREAK
Apple Gets the FREAK Out

There is a link to a “reset page” offered, which the attackers said will expire after a period of three hours, thus rushing the users into carrying out the action or their Apple account will have some undisclosed limitations.

Antivirus vendor, Bitdefender, found the alert and analyzed the entire scam and discovered that following the “reset” link takes the recipient to a log-in screen that has nothing to do with Apple.

The information fields available will harvest not only the Apple ID credentials but also payment card details such as full name, date of birth, country of residence, address, ZIP code, card number and type, its expiration date, CVV (card verification value) and the 3D Secure password.

The card data alone is enough for fraudsters to be able to make online purchases in the name of the victim. The 3D Secure password is an additional security service offered by some banks, which also ended up implemented by some online retailers to prevent fraud.

Bitdefender said after all the details end up entered, the fake page informs the victim the two-factor authentication (2FA) security mechanism has been enabled for their Apple account.

To make the phishing message look more credible, the attacker let the victim know if they believe someone has gained access to the profile without authorization, they can change the password at another link provided.

Leave a Reply

You must be logged in to post a comment.