Trend Micro Warns of Surge in Phishing Sites Targeting Apple IDs

Trend Micro researchers are warning of a spike in phishing sites designed to steal Apple IDs — they recently identified 110 of the sites, all of which are hosted at the IP address, registered to a Houston-area ISP.

“Upon looking at the URLs, we noted that there was a consistent pattern to the URLs of these phishing sites,” writes Trend Micro’s Paul Pajares. “They are under a folder named ~flight.”

The phishing pages themselves very closely match Apple’s login pages. Some ask not just for the user’s Apple ID and password, but also for the billing address and credit card information.

“Users may be redirected to these phishing sites via spam messages that state that the user’s account will expire unless their information is subject to an ‘audit,’ which not only gets users to click on the link, it puts them in a mindset willing to give up information,” Pajares writes.

Pajares suggests that Apple customers enable two-factor authentication, and exercise caution in clicking on links in messages that appear to come from the company.

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Top Cybersecurity Companies

Related articles