Developer Shows Off iOS Phishing Attack That Is Very Convincing

This is the very pretty very expensive iPhone

This is the very pretty very expensive iPhone

Felix Krause has shown of a proof of concept that could be used to steal peoples login information.

He wrote in a blog post that Apple's reliance on asking users to regularly enter their passwords to undertake a range of functions presents a security hole that could easily be used by hackers to steal user credentials.

If the dialog and the app are still visible, then it's a system dialog.

You should also know that the new emojis will be available on all Apple OS: "The new emoji will debut in next week's developer and public beta previews of iOS 11.1, and will be available in upcoming software updates for iOS, macOS and watchOS".

An Apple iPhone smartphone appears as a silhouette in Zenica, Bosnia, May 17, 2013.

Is Tesoro Corp (NYSE:TSO) Going to Burn These Institutional Investors?
The firm has "Equal Weight" rating by Barclays Capital given on Monday, August 7. (NYSE:CF) rating on Wednesday, October 21. The stock of Andeavor Logistics LP (NYSE:ANDX) earned "Neutral" rating by Credit Suisse on Monday, October 26.

Apple iOS asks for your iTunes account password for various reasons, be it OS updates, for purchases, changing your device pin, etc. "This is a tricky problem to solve, and Web browsers are still tackling it; you still have websites that make popups look like macOS/iOS popups so that many users think [are] system message [s]". Krause also shares a tip on how to tell if it is a phishing attempt, and all users have to do is press the home button when they receive the popup. That being said, it should be pointed out that this phishing method isn't exactly new and that Apple usually checks apps for this before being accepted to the App Store.

Worryingly, the side-by-side comparisons of an official iOS popup and a phishing copy are impossible to distinguish between, so we'd have just plonked our password straight into the sweaty palms of a hacker without even realising it.

"This could easily be abused by any app..."

The developer who made the discovery recommends that you simply don't enter your details into a popup, but rather dismiss it, and open the Settings app manually. See for more information.

Latest News