Mobile
7/8/2014
09:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Online Scammers Take Advantage Of iPhone 6, iWatch Hype

Phishing message claims to provide links to leaked iPhone 6 information and pictures.

Opportunistic cybercrooks are taking advantage of Apple enthusiasts' interest in the company's hottest new gadgets with a phishing campaign that promises the inside scoop on the iPhone 6 and the iWatch, security experts warned yesterday.

As the release date nears for these highly anticipated devices, criminals will increasingly use the lure of "leaked" information as an effective hook to land victims for various online scams, they say.

"We ask users to be careful of these 'announcement' emails, as they are fertile ground for phishing and other threats," writes Trend Micro's Jonathan Leopando in a blog post on the threat.

Trend's researchers discovered the emails over the weekend, explaining that the recent messages targeted journalists and other sources. The design featured the Spartan aesthetic frequently found in Apple missives, along with messages about how "the wait is over" for devices that allow users to do more than ever. Alongside that, there are supposedly leaked product photos and links to malicious sites to take advantage of curious readers.

Users who don’t keep track of Apple rumors or the iPhone release schedule might be caught out by this email, as it uses language that wouldn’t be out of place in a real Apple announcement. However, two things are worth noting: a July release would not fit the recent Apple release calendar--both the iPhone 5 and 5S were released in September, and the design in the email does not match recent mockups released by Apple rumor sites.

According to data compiled by Trend Micro last fall, around the time of the last release of Apple smartphones, cyber criminals tend to make hay with the hype over new Apple products. Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.

If these latest phishing messages coincide with last year's trending numbers, email recipients should be wary. In particular, Apple users themselves should be careful. Just last week, US-CERT encouraged users and administrators to pay attention to security updates in Mac OSX, Safari, iOS devices, and Apple TV that addressed "multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination." It wouldn't be outside the realm of possibility to expect future scams to take advantage of these vulnerabilities.

"Ignore, delete and block these emails," says Christopher Budd, Trend Micro's global threat communication manager. "Do not give these emails a second thought because they are clearly lures to try to lead recipients down a path that may be harmful. This email scam is a common tactic used by cybercriminals. They latch themselves onto popular events or product releases, such as new hardware or video games, and draw unsuspecting into giving away vital security information."

According to the recent quarterly Anti-Phishing Workgroup (APWG) report, the first quarter of 2014 saw yet another increase in phishing attacks. Not only did the number of phishing sites creep up by 10.7 percent over the fourth quarter of 2013, but the number of brands targeted increased from 525 to 557 over the same time period.

"The number and diversity of phishing targets continued to increase," says Greg Aaron, senior research fellow for APWG and president of Illumintel.  "Almost any enterprise that takes in personal data via the web is a potential target."

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/8/2014 | 11:14:48 AM
Spike in iPhone phishing sites
If the number of past Apple phishing sites are a key predictor, I would suspect that this year's wave will reach into the tens of thousands! Yikes. 

Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
DNS Threats: What Every Enterprise Should Know
Domain Name System exploits could put your data at risk. Here's some advice on how to avoid them.
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Tim Wilson speaks to two experts on vulnerability research – independent consultant Jeremiah Grossman and Black Duck Software’s Mike Pittenger – about the latest wave of vulnerabilities being exploited by online attackers