Apple Users Beware: Phishing Sites Are After Account Credentials


It's not a surprising finding and one that experts have been predicting, but data being collected by antivirus vendors is revealing a rising number of threats targeting Apple users. While malware growth is relatively flat, phishing sites designed to trick users into giving up their account credentials is on the rise.

Threat detection data collected by Kaspersky Lab shows a significant increase in phishing sites attempting to trick users into giving up their Apple account credentials, according to Nadezhda Demidova, who recently provided analysis of the Apple phishing threat data. Apple iCloud and iTunes accounts can be lucrative to cybercriminals, Demidova said.

In addition to information stored in the Apple account, "many malicious users go further and try to the steal bank card details used to pay for those purchases," Demidova wrote.

[Related: 5 Phishing Attack Trends You May Have Missed]

Phishing attacks targeting Apple users increased from 1,000 detections per day on average in 2011 to about 200,000 detections per day today, according to the Kaspersky Lab data. Many of the sites attempt to mirror the official Apple store or an official-looking Apple credential reset page. A user who doesn't pay attention to the location of the Web page can easily be tricked into giving up information.

Fake Apple.com phishing sites rose and declined throughout the year, but some significant surges can be traced to Apple events. Demidova noted that some of the surges in phishing can be attributed to iTunes store unveilings in Russia and more than 50 other countries in 2012.

The Mac malware threat, meanwhile, remains low. Only 2.5 percent of threats encountered by Mac users were written specifically for Macs, according to statistics from Symantec. The latest Threat Report from McAfee supports Symantec's findings and noted that malware growth was flat throughout much of 2012, with no growth in the first quarter of 2013.

Much of the Apple malware being detected stems from attack toolkits that continue to use the Flashback Trojan, which was behind an advertising click fraud campaign that targeted a Java error to infect Macs. Statistics vary but most experts say that Flashback infected about 600,000 Macs. Flashback may have served as a wake-up call to Apple users that they are not immune to malware attacks despite the lower risk of infection.

Graham Cluley, a U.K.-based security expert, said Mac threats are lower in number but include many of the standard problems encountered by PC users. Fake antivirus software has been configured to target both Mac and PC users and malicious software also targets browser components regardless of the platform the user is running, Cluley told CRN.

"I think you would be very foolish to not run an antivirus on your Mac," Cluley said. "Mac malware in the last couple of years has moved from being experimental to having clearly been built with financial and spying motivations."

PUBLISHED JULY 2, 2013