Kapersky writes that the phishing attacks attempt to secure the Apple ID credentials of unsuspecting victims, which can then be used to access said users’ iTunes and iCloud accounts and subsequently retrieve stored credit card numbers.
From January 2012 through May 2013 Kaspersky Lab’s cloud-based Kaspersky Security Network (KSN) detected an average of 200,000 attempts per day of users trying to access the phishing sites, which were triggered each time a user running Kaspersky Lab’s products was directed to one of the fraudulent sites.
The increase in average detections is a marked increase compared to 2011, which averaged only 1000 detections per day. Kaspersky Lab’s web antivirus module successfully detected and prevented its users from accessing the sites; however, the increase in detections shows how these scams are becoming more commonly used by cybercriminals for phishing campaigns.
Not surprisingly, scammers tend to up the ante with respect to phishing attacks whenever Apple expands the presence of its online iTunes Store. As an example, Kapersky notes that on December 6, 2012, following the iTunes Store arriving in over 50 new countries, the company detected over 900,000 phishing attempts via fake Apple emails in a single day.
According to Kapersky, the favored modus operandi amongst phishing scammers is to send emails purporting to be from Apple Support wherein users are asked to verify their account by entering in their iCloud credentials. Naturally, these fake emails mimic the same look and feel actually used in authentic Apple emails.
In the wake of Apple’s Developer Center outage last week, scammers have also taken to sending fake emails claiming that users can access their developer accounts once again simply by clicking on a link masquerading as a legit Apple URL.
With phishing attacks on the rise, users should be increasingly vigilant and and aware before entering in their Apple ID credentials via an email message.
Kapersky adds some helpful tips:
Users should verify email address aliases from Apple by checking the original sender address first. On a computer this can be done by mousing over the sender address field, which reveals the sender alias’ true email address. When using a mobile device, users should touch the email alias from the sender, which expands the alias to show the full address of the sender.
To guard against fraud attempts, Apple also provides a two-step authentication process for Apple IDs. This process involves sending a four-digit code to one or more previously selected devices belonging to the user. This serves as an additional verification and prevents undesired changes being made on the “my Apple ID” site or, for example, third parties making unauthorised purchases using your Apple ID.
Apple itself has put up a support document detailing how to tell fake Apple emails from authentic ones.
Look alive out there, people!