Fake Apple website used to steal user accounts.

August 5, 2013 22:31

On August 5th, Kaspersky Lab warned that Apple ID accounts are becoming targets for cybercriminals.



The letter was sent to users by a hacker posing as an Apple employee.
(Image: Kaspersky Lab)

Specifically, the primary attack method used by hackers is phishing sites, mimicking the official apple.com website. According to Kaspersky, the number of times malware is detected by web-based antivirus software from fake apple.com sites is very high. Cybercriminals have used spam emails to distribute links leading to these phishing sites, where users enter their Apple ID and password.

For example, hackers create highly sophisticated emails with formal language and a fake email address in the "Sender" field.[email protected]In fact, the email was sent from a different address but was hidden, and the user only realized it when they hovered their cursor over the links.

In another instance, hackers meticulously crafted emails, placing the Apple logo in the background, including a link to "Frequently Asked Questions," and signing it as "Apple Customer Support." The only flaw identifying this as a fake email was the lack of the recipient's name in the header.

Recipients of these emails are often "lured" to fake websites that look like Apple's official site, where they provide their Apple ID and password, allowing hackers to easily steal their accounts.



Hackers create websites that look exactly like Apple's to trick users.
(Image: Kaspersky Lab)

According to Kaspersky Lab, in the two examples above, although the spoofed address may contain the phrase "apple.com" in one form or another, users can still recognize it if they pay attention. However, if the website is opened using the Safari mobile browser on an iPhone or iPad, the address cannot be seen because it is hidden when the page loads.

To protect their accounts, Kaspersky Lab experts recommend that users enable two-factor authentication for their Apple ID, with a 4-digit verification code sent to one or more trusted devices. Two-step verification makes unauthorized access or account modifications impossible on My Apple ID pages and prevents any purchases made using the user's account with third parties.

Additionally, users should be wary if they receive a message with the name Apple or an Apple employee; avoid clicking on any links in the message and instead enter the link directly into the address bar. If a link has already been clicked, users must carefully check the content and the address displayed in their browser.

According to Kaspersky Lab, since the beginning of 2012, the number of web antivirus detections occurring when users using Kaspersky security software attempt to access websites infected with viruses has increased significantly. During this period, Kaspersky Lab experts recorded an average of approximately 200,000 detections per day (compared to around 1,000 detections per day in 2011).


Notably, the number of malware detections by web-based antivirus functions on fake apple.com sites far exceeded the average (for example, 939,549 detections on December 6, 2012, and 856,025 detections on May 1, 2013).


According to Vietnam+ - LT