Developer Shows Off iOS Phishing Attack That Is Very Convincing

Developer Shows Off iOS Phishing Attack That Is Very Convincing

Developer Shows Off iOS Phishing Attack That Is Very Convincing

Felix Krause has shown of a proof of concept that could be used to steal peoples login information.

He wrote in a blog post that Apple's reliance on asking users to regularly enter their passwords to undertake a range of functions presents a security hole that could easily be used by hackers to steal user credentials.

If the dialog and the app are still visible, then it's a system dialog.

You should also know that the new emojis will be available on all Apple OS: "The new emoji will debut in next week's developer and public beta previews of iOS 11.1, and will be available in upcoming software updates for iOS, macOS and watchOS".

An Apple iPhone smartphone appears as a silhouette in Zenica, Bosnia, May 17, 2013.

Stocks Overview: Cytori Therapeutics (CYTX) and K2M Group Hldngs Cmn (KTWO)
The market capitalization (Stock Price Multiply by Total Number of Outstanding Shares) for the company is reported at $781.52M. The value of the investment in ( KTWO ) went from $11,393,000 to $18,090,000 increasing 58.8% since the last quarter.

Apple iOS asks for your iTunes account password for various reasons, be it OS updates, for purchases, changing your device pin, etc. "This is a tricky problem to solve, and Web browsers are still tackling it; you still have websites that make popups look like macOS/iOS popups so that many users think [are] system message [s]". Krause also shares a tip on how to tell if it is a phishing attempt, and all users have to do is press the home button when they receive the popup. That being said, it should be pointed out that this phishing method isn't exactly new and that Apple usually checks apps for this before being accepted to the App Store.

Worryingly, the side-by-side comparisons of an official iOS popup and a phishing copy are impossible to distinguish between, so we'd have just plonked our password straight into the sweaty palms of a hacker without even realising it.

"This could easily be abused by any app..."

The developer who made the discovery recommends that you simply don't enter your details into a popup, but rather dismiss it, and open the Settings app manually. See support.apple.com for more information.

Latest News