Phishers Target Apple Device Theft Victims

Friday, March 6, 2015 @ 05:03 PM gHale

A phishing program targets users who have had their iPad or iPhone stolen, which could give bad guys a way to find information necessary to unlock stolen devices.

iOS device users can switch on Lost Mode on iOS’ Find My Phone feature, which makes the locked device sport a message to the finder of the lost device, often with instructions on how to contact them to return it.

Alter One Bit, Bypass Security
Microsoft: Control System Warning
IE Hole Allows Attackers to Phish
New Malware Stays Hidden

The phishing program starts with a message sent to the contact phone number provided by the legitimate user. The message seems like it’s coming from Apple, and tries to trick the recipient into believing his device has been located. In order to see the location, the user has to follow the offered link.

Unfortunately for them, the link takes them to a very legitimate looking spoof of Apple’s iCloud login page.

The address of the page includes the word “icloud” to seem legitimate, and another indication this is more than just a simple random iCloud phishing scheme is the fact the site is available in ten different languages.

“In this campaign, the attackers’ ultimate aim is to acquire the user’s iCloud credentials in order to turn Lost Mode off and make the stolen device usable,” said Malwarebytes’ Joji Hamada in a blog post. “Owners who are emotionally distressed due to the loss of their iPhone or iPad may easily fall for the scam, as they may be desperate to get their device back.”

As a word of caution, users should be careful when evaluating the legitimacy of unsolicited messages from unknown sources, and to err on the side of safety if they can’t tell if a message is genuine.

Leave a Reply

You must be logged in to post a comment.