Cybercriminals empty victims’ wallets ahead of smartphone release

News Desk -

Share

Apple has confirmed that the long-awaited new iPhone 14 will be unveiled to the public on September 7th at its global Apple Event. Kaspersky experts have already discovered numerous examples of phishing pages claiming to buy 14 iPhones but in reality attempting to empty victims’ bank accounts and steal their Apple ID accounts. From the 10th to the 25th of August, Kaspersky security solutions detected over 8,700 new iPhone-related phishing sites.

As the iPhone 14 announcement date approaches, so does the number of phishing pages. On August 25, for example, Kaspersky experts detected a total of 1,023 iPhone-related phishing pages, which is nearly double the average number of such malicious site detections per day for the period.

The number of detected Apple- and iPhone-related phishing pages from 10th August, 2022 to 25th August, 2022

Traditionally, before the release of any new iPhone, cybercriminals create fake store pages offering to pre-order or even buy a new smartphone at a discount before the official announcement. Because official photos of the iPhone 14 have yet to appear online, attackers use photos of older phone models to entice users. When the victim enters their bank card information to pay for the purchase, funds are deducted from their account, but the user does not receive the order.

Phishing page in Vietnamese, where attackers offer users to pre-order the iPhone 14 Pro Max with a discount

The attention of cybercriminals to the popularity of iPhones is not limited to the release of new models. Crooks can sometimes get much more than just the victim’s Apple ID by tricking them into paying for an order on a fake page. Apple ID is a username and password that is used to access Apple services such as the App Store, Apple Music, iCloud, iMessage, FaceTime, and others.

Attackers trick victims into entering their username and password on the phishing page by imitating a standard Apple ID login page. They then gain access to all of their victims’ email addresses, sign-in passwords, contacts, and payment information. Cybercriminals can also gain access to the victim’s iCloud, which stores personal photos, document scans, and other data. Attackers may later use these photos for identity theft or even blackmail.

Users are asked to login with their Apple ID on the phishing page

To gain access to an Apple ID, attackers can put victims under pressure by telling them that they could lose their device at any time due to a threat. For example, Kaspersky experts have discovered examples of phishing pages that appear unexpectedly on the device’s screen and warn the victim that “access to this Apple device has been blocked for illegal activities.”

To gain access to the device, the victim is instructed to dial a phony Apple support number, which the cybercriminals will answer. The fraudulent practice of convincing individuals to call cybercriminals and reveal personal information and bank details over the phone is known as vishing (short for voice phishing). Such follow-up pages frequently “lock” the computer screen, displaying only the threat message, leaving the user no choice but to call the scammers’ number. During the call, cybercriminals will use various social engineering techniques to obtain Apple ID data, personal information, or to request a phone support fee, obtaining credit card information in this way.

The follow-up page with a warning encourage victims to call cybercriminals

“Cybercriminals often monitor new trends much more actively than ordinary users. They are constantly looking for something trendy that would interest people, and therefore can be used as a bait to trick them into entering credentials or payment data. The presentation of the new iPhone 14 is no exception and every year we see increasing activity of attackers around the annual release of new iPhone models. This why users should always be especially careful and not enter their personal data on suspicious pages, to avoid falling a victim of cybercriminals,” comments Olga Svistunova, security expert at Kaspersky.

To avoid falling victim to scams, Kaspersky recommends users:

  • Check the authenticity of the website before entering personal data, and only use official, trusted web pages to watch or download movies. Double-check URL formats and company name spellings
  • It’s better not to follow links from e-mails at all. Instead you can open a new tab or window and enter the URL of your bank or other destination manually.
  • Avoid logging into online banking and similar services via public Wi-Fi networks. Hotspots are convenient, but it’s better to use a secure network. Open networks can be created by criminals who, among other things, spoof website addresses over the connection and thereby redirect you to a fake page.
  • Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites