Rather than use pop-ups, he says, Apple should ask users to open the Settings app and input their credentials there, thereby eliminating the apps from the process altogether. Looking ahead, Krause believes the best way to fix the problem is by Apple making some tweaks to the way apps ask for Apple ID passwords. If there’s an issue, you’ll be alerted as soon as you log in. Instead, log in to your Apple account on or via the Settings app on your iPhone or iPad, or through iTunes on your Mac. If the home button closes the app, it was a phishing scam, but if the pop-up remains, it’s a real Apple request. Always log in to your Apple account directly. He also suggests clicking the home button when a pop-up is displayed. Still, Krause said that users can protect themselves by never inputting passwords into pop-ups and instead going into the iPhone’s Settings menu and do it there to ensure it’s a legitimate request. Users, then, would be hard-pressed to determine whether it was a legitimate password request or one that could leave their credentials open for theft. Nearly 2 percent of Apple’s top-grossing apps on one day were scams and they have cost people 48 million. Apple’s legitimate pop-ups display information and then request users input their Apple ID passwords to proceed.Īccording to Krause, any app developer can create an identical pop-up, and he was able to do just that as part of his research. They come up when users want to make an app purchase or when account content, like iCloud data, needs to be accessed. This could easily be abused by any app.”Īpple ID alerts are common fare in a typical day using the iPhone. when they want to access iCloud, GameCenter or In-App-Purchases. “However, those popups are not only shown on the lock screen, and the home screen, but also inside random apps, e.g. The scams are carried out using many methods, including. A string of scams are taking place, in which people are asked to make payments over the phone for things such as taxes, hospital bills, bail money, debt collection and utility bills. “Users are trained to just enter their Apple ID password whenever iOS prompts you to do so,” Krause wrote in a blog post. Be aware of scams involving Apple Gift Cards, App Store & iTunes Gift Cards, and Apple Store Gift Cards. If the person inputs the password, the malicious app owner could steal the information and users wouldn’t even know they were targeted. According to Krause, developers can turn on an alert inside their apps that look identical to the legitimate pop-up requesting a user’s credentials. Security researcher Felix Krause on Tuesday published a proof-of-concept that shows how easy it is for hackers to replicate the familiar “Sign In to iTunes Store” Apple prompt on the iPhone and steal a user’s password. However, others include a great amount of detail to fool users like the email 9to5Mac’s Zac Hall got today.Apple’s iPhone customers could potentially fall victim to a scam that would see them unwittingly hand over their Apple ID credentials. Like the image below, some phishing attempts are easier to spot with typos and strange punctuation. For any phishing or suspicious messages that are pretending to come from Apple, forward them to For any suspicious messages that come to your, me.com, or mac.com email account, forward them to To report spam or other suspicious iMessages, tap Report Junk under the message.How to report phishing attempts and other suspicious messages to Apple ![]() Also, this is perfect to share with less tech savvy friends and family. You can go to Mail/View/Message/Show all Headers to see more. Even if you feel confident in your fake email and phishing spotting prowess it’s worth looking over. Apple will always address you by your name or the name they have on file for you, not Dear Customer, Dear Client or by using your e-mail address. In addition to staying safe yourself, you can help the broader community and reduce phishing and more by reporting suspicious messages to Apple when you notice them, here’s how.Īpple has a great support document on spotting phishing and other other nefarious messages. ![]() Phishing and scams are a constant issue and staying sharp to weed out attempts is important.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |