Number of fake phishing sites exceed the daily average by several times

The phishing websites and spammers have been targeting Apple IDs in a number of different ways and unfortunately there is a significant increase seen in the number of such attacks. Apple ID allows a user to plug into the Apple services like iWork, iTunes, iStore and iCloud. It is actually an all-inclusive account to use the company’s services. The spammers steal the Apple ID from users and use it to purchase products from iStore or to gain the access to the personal data of users.  apple ID scam

Cyber criminals send out emails using the fake Apple websites with a malicious link which ask the user to login with their Apple ID. The phishing mails are so cleverly designed to look as real with official language and the Apple logo. These mails are signed as ‘Apple Customer Support’ and also include a link to FAQ.

The links in the email take the user to the fake Apple pages resembling the originally Apple pages very closely. The only thing which signifies the spam mails is the lack of the recipient’s name at the beginning of the email. apple ID scam

Asking for login details and credit card details is one of the most commonly used ways by attackers. As users enter their information, they are landed to a page where there details are stolen and used by the attackers.

A significant spike is noticed in the number of phishing sites on the web targeting Apple IDs since beginning of 2012. According to the report posted by Kaspersky Lab Expert Nadezhda Demidova around web antivirus 200,000 detections are recorded per day whereas the figure was just around 1,000 detections per day in 2011.apple_phishing_01s

As shown in the graph above, the web antivirus detections are continuously increasing since 2011.  The highest point recorded was 939,549 detections on December 6, 2012 and 856,025 on May 1, 2013. The sudden hike was noticed just after the opening of new iTunes stores in Indian, Turkey, Russia, South Africa and 52 other countries.

How to avoid these attacks

You can easily avoid getting into this scam, just by being a bit careful. Those phishing emails can be spotted with a watchful eye, says SecureList.

The lack of recipient name in the beginning is the first thing to notice and the address lines are also easily distinguishable.

Be careful of the images showing the address line. These images could be the fake page used to stead your personal details.

You can also identify the phishing sites by checking the URL. The real Apple sites include the HTTPS padlock next to APPLE in the URL toolbar.

Posted by with Tags
Shiwangi Peswani is a qualified writer and a blogger, who loves to dabble with and write about computers and the Internet. While focusing on and writing on technology topics, her varied skills and experience enables her to write on any topics which may interest her.

One Comment

  1. cnd

    This is wrong: ” Those phishing emails can be spotted with a watchful eye, says SecureList ” – there are literally dozens of DIFFERENT ways hackers attack you via phishing, including malware delivery, zero-day-exploits, fake access points and other MitM, and so many online databases have been stolen in the past, that every good hacker out there already knows your name.

    Apple need to try harder to protect their customers, such as by using mutual-authentication and transaction verification solutions – and not by stupidly hoping that all their billions of users will somehow manage to “not get tricked” by these increasingly sophisticated attackers!

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + 1 =