If you are an iPhone or iPad user, then this is one (very clever) scam that you need to be aware of.
The ACCC and iOS code developer Felix Krause are warning Apple users about a phishing scam that is so perfectly executed, even experts are having trouble detecting it.
How many times has your phone asked you to “Sign in to iTunes Store”? And how many times have you punched in your passcode without a second thought?
It’s time to start thinking twice before signing in.
Why? Because it could be a phishing scam, where scammers can gain access to your personal details (including credit card deets).
iTunes Pop Up Phishing Scam
This “Sign in to iTunes Store” fake pop up (on the left) looks eerily similar to the real password pop-up (on the right).
But the fake form “is capable of stealing credit card and personal details in just seconds,” Felix explains.
Can you tell the difference? We certainly can’t!
There are countless times when Apple asks for your sign in details, especially if you’re visiting the app or iTunes store. However, those popups are not only shown on the lock screen, and the home screen, but also inside random apps.
“This could easily be abused by any app, just by showing an UIAlertController, that looks exactly like the system dialog,” Felix adds.
How to protect yourself
If you are in an app and receive the “Sign in” pop up, Felix suggests hitting the home button to see if the app quits.
“If it closes the app, and with it the dialog, then this was a phishing attack.”
Felix adds that it’s safer to enter your Apple ID in Settings and go from there instead. That way you avoid the pop-up and potential phishing scam altogether.
Phishing on the rise
Phishing scams are one of the most popular types of online scams. They involve a scammer pretending to a government departments or a well-known business, such as Apple.
“It’s difficult to spot a scammer online these days as they go to great lengths to trick the public and steal personal information and money,” says ACCC Deputy Chair Delia Rickard.
The ACCC’s Scamwatch site has received more than 51,000 reports already this year of scammers trying to con people online. Online scam losses total nearly $37 million so far in 2017.
For more information on keeping your family safe from online threats, check out the popular app warnings that all parents need to know.