SecurityBrief Asia logo
Story image

Phishers bypass content blockers and target Apple users in latest attacks

20 Feb 2017

A simple replica login page is fooling Apple users into falling for a phishing attack, which is using a font substitution tactic to avoid virus software detection, MailGuard reports.

The login page mimics Apple’s real page, but instead its aim is to collect Apple IDs and passwords from unsuspecting users.  The company suspects phishing attackers are looking for ways to make purchases, access private iCloud data and even wipe devices entirely.

Users receive an email, appearing to be from ‘AppleSupport’, but has only been tied to a domain registered just last month, which MailGuard suspects has been purely for spam purposes.

The email states that an account upgrade is underway, but there has been a problem and users must click to verify their accounts.

To bypass email security filters, the email uses Greek characters in place of p, u and w.

MailGuard CEO Craig McDonald says the characters help block antivirus and content filters that look for suspicious phrases such as ‘we will suspend your account’ and other ‘account verification’ traps.

The company says the phishing page looks even more genuine, with features that include resizing for different device screens.

Apple suggests that users choose strong passwords with numbers and punctuation. Two-factor authentication and difficult security questions can also help provide more protection. Apple also recommends that users never share passwords or verification codes with anyone else.

Story image
Five things ANZ businesses should know about storing customers’ data
Businesses need to correlate events intelligently across multiple threat surfaces, application layers, and time spans to connect event A, to event B, to event C — even if they are months apart.More
Story image
iland and Cohesity form alliance, target data protection market
"Together with Cohesity, we will deliver elegant and cutting-edge solutions that will take our joint customers’ digital transformation projects to the next level."More
Story image
Video: 10 Minute IT Jams - SonicWall VP on the cybersecurity lessons learned from the last 12 months
This is our seventh IT Jam with SonicWall, the cybersecurity company specialising in firewall, network security, cloud security and more.More
Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More