Fake Apple website to steal user accounts

Security firm Kaspersky Lab warned on August 5 that Apple accounts (Apple IDs) are being targeted by cybercriminals.

The letter was sent to users by a hacker pretending to be an Apple employee.
(Photo: Kaspersky Lab)

Specifically, the main form of attack used by hackers is phishing sites, imitating the official website of apple.com. According to Kaspersky, the number of times the web antivirus detects malware from fake apple.com sites is very high. Cybercriminals have used spam to spread links to phishing sites, where users will enter their Apple ID and password.

For example, hackers create very sophisticated emails with formal language and a fake email address in the “From” field.[email protected]. In fact, the email is sent from a different address but is hidden, and the user only realizes it when dragging the cursor to the links.

In another case, the hackers crafted the email very carefully, including placing the Apple logo on the background of the letter and a link to “Frequently Asked Questions” and signing it as “Apple Customer Support”. And, the only flaw to recognize this fake email is that it lacks the recipient’s name in the opening.

Email recipients are often "lured" to fake websites that look like Apple's official website and declare their Apple ID and password, making it easy for hackers to steal user accounts.

Hackers create websites that look exactly like Apple's to trick users.
(Photo: Kaspersky Lab)

According to Kaspersky Lab, although the fake address line may contain the phrase “apple.com” in one form or another, users who pay attention can still recognize it. However, if the website is opened in the mobile Safari browser on an iPhone or iPad, the user cannot see the address line because it is hidden when the pages are loaded.

To protect their accounts, Kaspersky Lab experts recommend that users enable two-factor authentication for their Apple ID, with a four-digit verification code sent to one or more trusted devices. Two-step verification makes unauthorized access or account modifications impossible on My Apple ID pages and prevents any purchases made with the user account from third parties.

In addition, users should be cautious if they receive a message with the name of Apple or an employee of the company; avoid clicking on any links in the message but should enter the link yourself into the address line. In case you have clicked on the link, users must carefully check the content and the address displayed on the browser./.

According to Kaspersky Lab, since the beginning of 2012, the number of web antivirus detections occurring when users using Kaspersky security software try to access virus-infected websites has increased significantly. During this time, Kaspersky Lab experts recorded an average of about 200,000 detections/day (this number was about 1,000 detections/day in 2011).

In particular, the number of times the web antivirus function detected malware from fake apple.com pages exceeded the average many times (for example, on December 6, 2012, there were 939,549 detections, on May 1, 2013, there were 856,025 detections).

According to Vietnam+ - LT