Story image

Apple iCloud users are the new bait in phishing campaigns

15 Jun 16

Apple iCloud users are the latest targets of phishing campaigns and those campaigns are using the same content but different domains to target Apple users, FireEye reports. Several phishing campaigns have targeted Apple users since January 2016, specifically Apple IDs and passwords.

Any Apple user who uses iCloud, iTunes or the App Store are vulnerable, as the Apple IDs are the same for every device, be it iPhone, iPad, iPod Touch, Mac or Windows computer

iCloud, which acts as a cloud syncing and sharing hub for contacts, documents, notes and photos across all Apple devices, also allows storage of passwords and credit card information.

According to FireEye, "Anyone with access to an Apple ID, password and some additional information, such as date of birth and device screen lock code, can completely take over the device and use the credit card information to impersonate the user and make purchases via the Apple Store."

FireEye says the malicious phishing domains resemble legitimate domains, and these have been used in attacks against iCloud users in the UK and China. They are sending the same content through different domains to target Apple users.

The two main campaigns reported by FireEye labs are:

1. The Zycode phishing campaign, which targets Apple's Chinese customers through a password variable in the JavaScript code. In addition, phishing domains used in campaigns are neither registered nor pointing to Apple infrastructure.

2. A targeted phishing campaign against UK Apple users reveals a number of domains that serve the same phishing content. "A simple HTTP GET (via the wget utility) to the domain's page reveals HTML code containing a meta-refresh redirection to the signin.php page," the FireEye blog says.

NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
GCSB's CORTEX project scoops iSANZ Award
“I believe this award is particularly significant as it is acknowledgement from our peers in the information security industry and from across the private sector."
NZ firms lack cybersecurity confidence, HP survey says
Out of 434 of New Zealand’s small and large businesses, only half (50%) feel confident that they would be able to cope if they experienced a significant cybersecurity breach.
SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.