Cybercriminals Increasingly Target Apple ID Data, Kaspersky Warns

The average number of phishing site detections is 200,000 per day

  Apple phishing site detections since January 2012
There’s a lot that cybercriminals can do with the ID data of Apple customers. They can gain access to their personal information and make purchases on the victims’ behalf.

There’s a lot that cybercriminals can do with the ID data of Apple customers. They can gain access to their personal information and make purchases on the victims’ behalf.

In addition, in some cases, crooks that attempt to phish out Apple IDs also try to gain access to payment card details.

As Apple’s popularity grows, it becomes a more and more tempting target for malicious cyber schemes.

According to Kaspersky, back in 2011, the company’s security products detected only around 1,000 daily instances in which their customers accessed Apple phishing websites. Since the beginning of 2012, the number of daily detections increased considerably to an average of around 200,000.

On December 6, 2012, Kaspersky detected close to 1 million detections, and on May 1, 2013, over 850,000 fake apple.com detections were recorded.

Experts say the massive surges in cybercriminal activity are usually a result of a major Apple-related event. For instance, in December 2012, the iTunes Store was launched in 56 countries worldwide, which explained the large number of phishing site detections.

Cybercriminals use various methods to lure Apple customers to phishing websites, but the most popular method is represented by spam emails.

A simple “we need to verify your Apple ID” message usually does the trick. Many users don’t hesitate to click on the links contained in such notifications and once they see that the website they’re taken to looks like Apple’s legitimate site, they provide their details without giving it too much thought.

In many cases, the URLs of these websites are designed to look like the legitimate Apple domains. It’s easy for the crooks to place their phishing pages on subdomains such as “apple.com.[maliciousdomain].com.”

The most dangerous phishing scams are the ones designed to harvest financial information as well. Users can protect their Apple accounts by activating two-factor authentication.

However, if the crooks get ahold of your banking details, Apple’s security feature can’t do anything to protect you. That’s why the best thing to do is be cautious whenever you receive suspicious-looking Apple notifications.

Comments