ONLINE SECURITY
New cyber attack on Apple? How can users protect themselves?
An SMS phishing campaign has been uncovered, targeting iPhone users who are being asked for their Apple ID and password.
Apple users are the targets of a latest high-profile cyber attack uncovered by security software suite Symantec, with iPhone owners urged to be on their guard and take steps to ensure they aren’t caught out.
How are iPhone users targeted by scammers?
The newest scam, which comes in the form of an iPhone text message, is an attempt to trick individuals into giving up their Apple ID and password.
Be on red alert if you receive an SMS that looks like it’s from Apple, which is exactly what hackers want you to think. You’ll be asked to urgently click on a link for an important iCloud update or verification, which will actually lead you to a fake website that asks for your Apple ID and password.
The website may look real but isn’t. Attackers have even included a CAPTCHA, which we would normally associate with secure sites. Once you complete it, you will be redirected to an outdated iCloud login page and asked to enter your credentials.
If you do, attackers may be able to access all sorts of personal and financial data, as well as control your devices.
There is also an email version of the scam, which can be identified by looking at the address it was sent from. If it contains strange, nonsensical characters or spelling mistakes, you can be sure it’s a trick.
How to protect yourself against the iPhone text scam
Apple is aware of the text messages being sent to iPhone users and has issued guidelines in order to stay safe.
Like the email scam, look closely at the URL on any links you have been sent. Once again, if there are unusual characters or symbols, words spelt incorrectly or odd phrases, don’t click on it.
As an example, Symantec identified the following message as part of the scam: “Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.”
Apple recommends installing two-factor authentication on your Apple ID, which adds an extra layer of security by requiring a password and a six-digit verification code when you log in using a new device. You will never be asked to disable the feature, unless it’s by scammers.
Using antivirus protection on your iPhone, and other devices, as well as keeping software up to date and changing your passwords regularly can also help you stay safe online.