sb-nz logo
Story image

Apple iCloud users are the new bait in phishing campaigns

15 Jun 2016

Apple iCloud users are the latest targets of phishing campaigns and those campaigns are using the same content but different domains to target Apple users, FireEye reports. Several phishing campaigns have targeted Apple users since January 2016, specifically Apple IDs and passwords.

Any Apple user who uses iCloud, iTunes or the App Store are vulnerable, as the Apple IDs are the same for every device, be it iPhone, iPad, iPod Touch, Mac or Windows computer

iCloud, which acts as a cloud syncing and sharing hub for contacts, documents, notes and photos across all Apple devices, also allows storage of passwords and credit card information.

According to FireEye, "Anyone with access to an Apple ID, password and some additional information, such as date of birth and device screen lock code, can completely take over the device and use the credit card information to impersonate the user and make purchases via the Apple Store."

FireEye says the malicious phishing domains resemble legitimate domains, and these have been used in attacks against iCloud users in the UK and China. They are sending the same content through different domains to target Apple users.

The two main campaigns reported by FireEye labs are:

1. The Zycode phishing campaign, which targets Apple's Chinese customers through a password variable in the JavaScript code. In addition, phishing domains used in campaigns are neither registered nor pointing to Apple infrastructure.

2. A targeted phishing campaign against UK Apple users reveals a number of domains that serve the same phishing content. "A simple HTTP GET (via the wget utility) to the domain's page reveals HTML code containing a meta-refresh redirection to the signin.php page," the FireEye blog says.

Story image
Acronis expands global data centre network, including new facilities in NZ
The expansion ensures that the full range of Acronis Cyber Protection Solutions will be available to partners and organisations around the world.More
Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Link image
The importance of data resilience in the current cybersecurity climate
Protecting an organisation's data is one of the most crucial functions of any CISO. Strategies should be in place where data is stored securely and cost-effectively.More
Story image
Interview: How cyber hygiene supports security culture - ThreatQuotient
We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.More