09:10 AM
Connect Directly

Online Scammers Take Advantage Of iPhone 6, iWatch Hype

Phishing message claims to provide links to leaked iPhone 6 information and pictures.

Opportunistic cybercrooks are taking advantage of Apple enthusiasts' interest in the company's hottest new gadgets with a phishing campaign that promises the inside scoop on the iPhone 6 and the iWatch, security experts warned yesterday.

As the release date nears for these highly anticipated devices, criminals will increasingly use the lure of "leaked" information as an effective hook to land victims for various online scams, they say.

"We ask users to be careful of these 'announcement' emails, as they are fertile ground for phishing and other threats," writes Trend Micro's Jonathan Leopando in a blog post on the threat.

Trend's researchers discovered the emails over the weekend, explaining that the recent messages targeted journalists and other sources. The design featured the Spartan aesthetic frequently found in Apple missives, along with messages about how "the wait is over" for devices that allow users to do more than ever. Alongside that, there are supposedly leaked product photos and links to malicious sites to take advantage of curious readers.

Users who don’t keep track of Apple rumors or the iPhone release schedule might be caught out by this email, as it uses language that wouldn’t be out of place in a real Apple announcement. However, two things are worth noting: a July release would not fit the recent Apple release calendar--both the iPhone 5 and 5S were released in September, and the design in the email does not match recent mockups released by Apple rumor sites.

According to data compiled by Trend Micro last fall, around the time of the last release of Apple smartphones, cyber criminals tend to make hay with the hype over new Apple products. Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.

If these latest phishing messages coincide with last year's trending numbers, email recipients should be wary. In particular, Apple users themselves should be careful. Just last week, US-CERT encouraged users and administrators to pay attention to security updates in Mac OSX, Safari, iOS devices, and Apple TV that addressed "multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination." It wouldn't be outside the realm of possibility to expect future scams to take advantage of these vulnerabilities.

"Ignore, delete and block these emails," says Christopher Budd, Trend Micro's global threat communication manager. "Do not give these emails a second thought because they are clearly lures to try to lead recipients down a path that may be harmful. This email scam is a common tactic used by cybercriminals. They latch themselves onto popular events or product releases, such as new hardware or video games, and draw unsuspecting into giving away vital security information."

According to the recent quarterly Anti-Phishing Workgroup (APWG) report, the first quarter of 2014 saw yet another increase in phishing attacks. Not only did the number of phishing sites creep up by 10.7 percent over the fourth quarter of 2013, but the number of brands targeted increased from 525 to 557 over the same time period.

"The number and diversity of phishing targets continued to increase," says Greg Aaron, senior research fellow for APWG and president of Illumintel.  "Almost any enterprise that takes in personal data via the web is a potential target."

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
7/8/2014 | 11:14:48 AM
Spike in iPhone phishing sites
If the number of past Apple phishing sites are a key predictor, I would suspect that this year's wave will reach into the tens of thousands! Yikes. 

Whereas the number of Apple phishing sites identified early last year by Trend researchers numbered only in the hundreds, they started spiking into the thousands in May and continued that way through the announcement date in September.
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
Employees want to work on personal smartphones and tablets. Can container technology protect sensitive data while they do so -- without being so kludgy that users bypass it?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.