New Apple ID Phishing Effort Compromises Over 100 Sites

As highlighted by The Next Web, security firm Trend Micro yesterday outlined a new phishing scam that has seen the perpetrators compromise over 100 sites in their attempts to gain access to users' Apple ID accounts. While Apple IDs are relatively popular targets for phishing scams, Trend Micro's analysis offers some interesting detail on the approaches used by the criminals.

We’ve identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned. [...]

We’ve seen attacks targeting not only American users, but also British and French users. Some versions of this attack ask not only for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information. It will eventually result in a page that states that access has been restored, but of course the information has been stolen.

Trend Micro's sample of a spam message designed to trick recipients into sharing their account information at the compromised sites shows a very poor attempt at copying Apple's email style, but inexperienced Internet users are undoubtedly still falling for the scheme.

apple_id_phish
Trend Micro offers a number of suggestions to help users protect themselves from phishing scams, including checking for consistent domains throughout email addresses and links included in an email and checking for indicators that the user is at a secure site associated with the correct company.

While phishing scams rely on the gullibility of users to direct them to fake account management sites, Apple has sought to increase account security on its own site with its recent introduction of two-step verification to help minimize the possibility of an unauthorized party gaining access to a user's account. That feature is, however, only available in a handful of countries for the time being.

Top Rated Comments

MonkeySee.... Avatar
120 months ago
If any of you fall for that email, raise your hand and hit yourself with it.
Score: 32 Votes (Like | Disagree)
WestonHarvey1 Avatar
120 months ago
Why you email he sent, indeed.
Score: 27 Votes (Like | Disagree)
Kaibelf Avatar
120 months ago
Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt. By the way "inexperienced internet users" is irrelevant. The broken English and crazy wording should have been enough of a tip to ANY sensible person.
Score: 25 Votes (Like | Disagree)
Laird Knox Avatar
120 months ago
That email true is. They fix helped me my Loging correctly. You should send infos by next 48 hours!
Score: 10 Votes (Like | Disagree)
ks-man Avatar
120 months ago
Tim Cook is a supply chain and operations guy, not an English professor. He probably needed to quickly get this e-mail out to let the users know.

I, for one, am glad that I got this and was quickly able to get my security credentials in order. We'll see how much you are all laughing when your Apple IDs get closed down.
Score: 8 Votes (Like | Disagree)
Creep89 Avatar
120 months ago
Why you email he sent?

Yay, better enter my Apple ID.
Score: 8 Votes (Like | Disagree)

Popular Stories

2022 back to school apple

Apple Launches 2022 Back to School Offer: Up to $150 Gift Card With Mac or iPad

Friday June 24, 2022 5:08 am PDT by
Apple today launched its annual "Back to School" promotion for college/university students in the United States and Canada. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad, rather than free AirPods like last year. Apple is also offering students 20% off AppleCare+ plans during the promotion. Apple is offering a $150 gift card with the purchase ...
airpods pro 2 1

AirPods Pro 2 Said to Feature Upgraded H1 Chip, Find My, Heart Rate Detection, USB-C and More

Friday June 24, 2022 9:48 am PDT by
The next-generation AirPods Pro could come with a long list of new features that include heart rate detection, the ability to function as a hearing aid, and a USB-C port according to a report from 52Audio. The site claims that it has received new information on the AirPods Pro 2, and it has used that information to provide some renders on what the earbuds might look like. Design wise, there...
m1 mac mini screen

Gurman: Apple Planning M2 Pro Mac Mini, New Apple TV With A14 Chip, Revamped HomePod With S8 Chip, and More

Sunday June 26, 2022 6:31 am PDT by
In the latest edition of his Power On newsletter for Bloomberg, Mark Gurman outlined additional M2 Macs on Apple's product roadmap, including new Mac mini models with M2 and M2 Pro chips, new 14-inch and 16-inch MacBook Pro models with M2 Pro and M2 Max chips, and a new Mac Pro tower with M2 Ultra and "M2 Extreme" chips. Following the M2 series of Macs, Gurman said the first M3 series of...
apple ar headset concept 1

Apple Rumored to Announce 'Game-Changer' AR/VR Headset in January 2023

Friday June 24, 2022 2:52 am PDT by
Apple is "likely" to announce its long-rumored mixed-reality headset as soon as January 2023, Apple analyst Ming-Chi Kuo has reiterated. Concept render based on purported leaked information by Ian Zelbo In a detailed post on Medium, Kuo explained that Apple's headset will be a "game-changer" for the augmented-reality and virtual-reality market. Describing some of the headset's...
widgets ios 16 feature

Gurman: iPhone 14 Pro to Feature Always-On Display Showing iOS 16's New Lock Screen Widgets

Sunday June 26, 2022 7:36 am PDT by
iPhone 14 Pro models are widely expected to feature always-on displays that allow users to view glanceable information without having to tap to wake the screen. In the latest edition of his Power On newsletter for Bloomberg, Mark Gurman said the feature will include support for iOS 16's new Lock screen widgets for weather, fitness, and more. "Like the Apple Watch, the iPhone 14 Pro will be...