Cybercriminals increasingly target Apple users

Infotech Lead America: Kaspersky Lab’s latest cloud-based Kaspersky Security Network (KSN) report has found increased phishing reports targeting Apple users.

Cybercriminals are using fake Apple sites to try and trick users into submitting their Apple ID credentials, which would enable the criminals to steal the users’ account login and access the victim’s personal data, information and credit card numbers stored on their iCloud and iTunes accounts.

From January 2012 through May 2013 Kaspersky Lab’s cloud-based Kaspersky Security Network (KSN) detected an average of 200,000 attempts per day of users trying to access the phishing sites, which were triggered each time a user running Kaspersky Lab’s products was directed to one of the fraudulent sites.

The increase in average detections is a marked increase compared to 2011, which averaged only 1000 detections per day. Kaspersky Lab’s web antivirus module successfully detected and prevented its users from accessing the sites; however, the increase in detections shows how these scams are becoming more commonly used by cybercriminals for phishing campaigns, the company said.

Cybercriminals’ behaviour and patterns reveal that the fluctuations and increases in phishing attempts often coincided with large events from Apple.  For example, on December 6, 2012, immediately following the opening of iTunes stores in India, Turkey, Russia, South Africa and an additional 52 countries, Kaspersky Lab detected an all-time record of more than 900,000 phishing attempts directing to fake Apple sites in a single day.

The main distribution method used by cybercriminals to direct users to the fraudulent Apple sites are predominantly phishing emails posing as Apple Support with fake alias names in the “Sender” field, such as [email protected]. The messages would typically request users to verify their account by clicking on a link and entering their Apple ID information. Some of these mails are clearly deceptive, using Apple’s logo and presenting the message with similar formatting, colouring and style that Apple uses.

Another variation of these phishing emails are designed to steal Apple customers’ credit card information. This is done by sending users an email requesting that they verify or update the credit card credentials attached to their Apple IDs, which can be done by clicking on a link in the message.

The link directs the user to a phishing site that imitates how Apple requests credit card information from their customers to fool users into inputting their credit card information and other personal information.

[email protected]