Apple ID password prompts can be used for phishing attacks

Apple ID password prompts can be used for phishing attacks. A developer reports a ios11 bug to bugreport.apple.com yesterday because Apple ID password prompts can easily be replicated for phishing attacks. he finds a way to create a similar icloud, iTunes and apple id popup asking for icloud credentials. In this case, the credentials were simulated in an app or into a web link. this attack can be persistent and continually be repeated into the home screen, running an app or browsing with safari. Even programmers who know a lot about technology, have a hard time detecting that those alerts are phishing attacks or not.

phishing ios 11 iphone x

Apple ID password prompts can be used for phishing attacks

This is working on iOS11, asking users password for iTunes / Apple ID using iOS prompts popup window, this is common for Apple OS platform.  asking you icloud credentials to login or restore any iDevice. that’s why this bug is important, it is so credible, apple use it every time and you fill secure doing it.

phishing ios 11 iphone x

But you must be aware of this sort of things because it is possible, if not likely. we suggests that if a pop-up like this appears, and there is some uncertainty towards it, simply hit the Home button. If the pop-up stays active, then it is tied to the Apple system and is officially supposed to be there. If the pop-up goes away, then its probably a phishing attack and you must be aware.

Tips to avoid this :

Never enter your password into a popup, special from emails or SMS links,  instead, close it, and open the Settings app manually to add any icloud credentials. This is the same advise you must use like you should never click on links from emails, but instead open the website manually.

Source: iOS Privacy: steal.password – Easily get the user’s Apple ID password, just by asking

READ NEXT: Apple employees arrested for selling clients personal data