Story image

Apple iCloud users are the new bait in phishing campaigns

15 Jun 16

Apple iCloud users are the latest targets of phishing campaigns and those campaigns are using the same content but different domains to target Apple users, FireEye reports. Several phishing campaigns have targeted Apple users since January 2016, specifically Apple IDs and passwords.

Any Apple user who uses iCloud, iTunes or the App Store are vulnerable, as the Apple IDs are the same for every device, be it iPhone, iPad, iPod Touch, Mac or Windows computer

iCloud, which acts as a cloud syncing and sharing hub for contacts, documents, notes and photos across all Apple devices, also allows storage of passwords and credit card information.

According to FireEye, "Anyone with access to an Apple ID, password and some additional information, such as date of birth and device screen lock code, can completely take over the device and use the credit card information to impersonate the user and make purchases via the Apple Store."

FireEye says the malicious phishing domains resemble legitimate domains, and these have been used in attacks against iCloud users in the UK and China. They are sending the same content through different domains to target Apple users.

The two main campaigns reported by FireEye labs are:

1. The Zycode phishing campaign, which targets Apple's Chinese customers through a password variable in the JavaScript code. In addition, phishing domains used in campaigns are neither registered nor pointing to Apple infrastructure.

2. A targeted phishing campaign against UK Apple users reveals a number of domains that serve the same phishing content. "A simple HTTP GET (via the wget utility) to the domain's page reveals HTML code containing a meta-refresh redirection to the signin.php page," the FireEye blog says.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Verifi takes spot in Deloitte Asia Pacific Fast 500
"An increasing amount of companies captured by New Zealand’s Anti-Money laundering legislation are realising that an electronic identity verification solution can streamline their customer onboarding."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.