Apple customers are prime targets for cyberattacks as they are more likely to have a high disposable income, a security expert has suggested.
WeLiveSecurity contributor Graham Cluley has warned owners of Apple devices to be on their guard after spotting a fresh SMS phishing scam designed to compromise Apple ID credentials.
The scam in question came in the form of a text message from “Appleinc” warning recipients that their Apple ID was about to expire.
Victims are urged to click a link to hold on to their ID, which directs them to a replica version of the Apple website where they’re asked to hand over their credentials.
After harvesting Apple ID usernames and passwords, the website then asks victims to provide further personal information to “unlock” their account – including their telephone number, address and credit card details.
“They deliberately took advantage of people’s trust in the Apple brand to steal information,” Mr. Cluley told the BBC.
“The truth is that criminals will go where the money is. Apple products cost more than some of their competitors so it’s likely that their customers have more disposable income.
“That’s cash which the bad guys would like to have filling their pockets,” he added.
Apple’s support website warns customers to never enter their Apple ID information on a non-Apple website.
However, with a convincing replica site, it can be sometimes difficult to spot the difference.
As well as the name of the text message sender “Appleinc”, the International Business Times noted that the URL victims were directed to – “isappleexpired.co.uk” – was another giveaway in this instance.
The phony website has since been blocked by web browsers including Chrome and Firefox.
Meanwhile, Mr. Cluley had advised Apple customers to be extra cautious of the links they click on via email and text message, suggesting two-factor authentication as an extra measure to back up Apple IDs.
by Narinder Purba, ESET We Live Security