Mobile
7/8/2014
09:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Online Scammers Take Advantage Of iPhone 6, iWatch Hype

Phishing message claims to provide links to leaked iPhone 6 information and pictures.

Opportunistic cybercrooks are taking advantage of Apple enthusiasts' interest in the company's hottest new gadgets with a phishing campaign that promises the inside scoop on the iPhone 6 and the iWatch, security experts warned yesterday.

As the release date nears for these highly anticipated devices, criminals will increasingly use the lure of "leaked" information as an effective hook to land victims for various online scams, they say.

"We ask users to be careful of these 'announcement' emails, as they are fertile ground for phishing and other threats," writes Trend Micro's Jonathan Leopando in a blog post on the threat.

Trend's researchers discovered the emails over the weekend, explaining that the recent messages targeted journalists and other sources. The design featured the Spartan aesthetic frequently found in Apple missives, along with messages about how "the wait is over" for devices that allow users to do more than ever. Alongside that, there are supposedly leaked product photos and links to malicious sites to take advantage of curious readers.

Users who don’t keep track of Apple rumors or the iPhone release schedule might be caught out by this email, as it uses language that wouldn’t be out of place in a real Apple announcement. However, two things are worth noting: a July release would not fit the recent Apple release calendar--both the iPhone 5 and 5S were released in September, and the design in the email does not match recent mockups released by Apple rumor sites.

According to data compiled by Trend Micro last fall, around the time of the last release of Apple smartphones, cyber criminals tend to make hay with the hype over new Apple products. Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.

If these latest phishing messages coincide with last year's trending numbers, email recipients should be wary. In particular, Apple users themselves should be careful. Just last week, US-CERT encouraged users and administrators to pay attention to security updates in Mac OSX, Safari, iOS devices, and Apple TV that addressed "multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination." It wouldn't be outside the realm of possibility to expect future scams to take advantage of these vulnerabilities.

"Ignore, delete and block these emails," says Christopher Budd, Trend Micro's global threat communication manager. "Do not give these emails a second thought because they are clearly lures to try to lead recipients down a path that may be harmful. This email scam is a common tactic used by cybercriminals. They latch themselves onto popular events or product releases, such as new hardware or video games, and draw unsuspecting into giving away vital security information."

According to the recent quarterly Anti-Phishing Workgroup (APWG) report, the first quarter of 2014 saw yet another increase in phishing attacks. Not only did the number of phishing sites creep up by 10.7 percent over the fourth quarter of 2013, but the number of brands targeted increased from 525 to 557 over the same time period.

"The number and diversity of phishing targets continued to increase," says Greg Aaron, senior research fellow for APWG and president of Illumintel.  "Almost any enterprise that takes in personal data via the web is a potential target."

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/8/2014 | 11:14:48 AM
Spike in iPhone phishing sites
If the number of past Apple phishing sites are a key predictor, I would suspect that this year's wave will reach into the tens of thousands! Yikes. 

Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.