Cybercriminals Target iPhone Users To Steal Apple IDs

Cybercriminals have been targeting iPhone users to steal Apple IDs. Symantec, a security software company owned by Broadcom, published a warning last week, alerting users about malicious campaigns sent via email and SMS in the United States.

According to Symantec, hackers are targeting Apple users and trying to steal Apple IDs “due to their widespread use,” as it allows them to make purchases, access personal and financial information, and since Apple is known for its security and privacy measures, users are more vulnerable towards threats that impersonate Apple to get private information.

The malicious campaigns reported in the United States encourage users to visit a website that mimics the iCloud page and requests login information. One of the malicious SMS users received stated: “Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.”

Apple Shared Guidelines And Recommendations

After multiple alerts from users, publications, and cybersecurity organizations, Apple shared a document with information, tips, and recommendations to avoid these scams through its support section.

“If you believe that your Apple ID has been compromised, or if you might have entered your password or other personal information on a scam website, change your Apple ID password immediately and ensure that two-factor authentication is enabled,” states the document.

Apple recommends users never share personal information, passwords, or security codes with anyone, especially if it is requested through a link. The tech giant also encourages customers to activate the two-factor authentication to protect their Apple ID.

The company also shared information on how cybercriminals operate and how to recognize signs and behaviors that alert about a possible social engineering attack. “They will often convey a desire to help you resolve an immediate problem. For example, they may claim that someone broke into your iPhone or iCloud account, or made unauthorized charges using Apple Pay,” it explains, “The scammer will claim they want to help you stop the attacker or reverse the charges.”

The document also includes guidelines on what to do after receiving a malicious message, how to report it through official communications channels, and where to find more relevant information.