Apple users are once again under alert following reports of a new wave of SMS phishing attacks targeting Apple IDs.
What is it?
The phishing campaign is disguised as a legitimate message from Apple, prompting unsuspecting victims to click a link and sign into their iCloud accounts. Often presented as a security alert, the message may say something like, "Important request from iCloud. Please log in to continue using your account."
To add to the authenticity of the scam, a CAPTCHA (verification) step is included before users are directed to a fake login page.
What does this allow hackers to do?
Once hackers gain access to Apple ID information, they can often access a huge amount of incredibly sensitive or valuable data. This could include app logins for banking, social media, and other services, which can then be used to commit crimes such as fraud and ID theft.
How can users avoid this scam?
Apple users should remember that Apple will never ask them to fill in sensitive data via a browser pop-up.
Users should also:
- Regularly update their iOS software.
- Thoroughly analyse apps before downloading them from the App Store.
- Implement two-factor authentication to strengthen their accounts.
- Ensure that anti-virus software is installed and scans are conducted regularly.
- For enhanced protection, users can implement tools like Cyber Xpert, which helps guide them on cybersecurity best practices while also monitoring their digital assets to alert them of cyber threats.
For more information, visit https://dynarisk.com/products/cyber-xpert