Provide your email for confirmation

Tell us a bit about yourself

country *
province *

why we ask about location

Please provide your email address

Login

To share your thoughts

Don't have an account?

Login with email

Check your inbox

We just sent a link to your inbox. Click the link to continue signing in. Can’t find it? Check your spam & junk mail.

Didn't get a link?

Sign up

Ready to get started

Already have an account?

Sign up with email

By signing up you agree to Rappler’s Terms and Conditions and Privacy

Check your inbox

We just sent a link to your inbox. Click the link to continue registering. Can’t find it? Check your spam & junk mail.

Didn't get a link?

Join Rappler+

How often would you like to pay?

Monthly Subscription

Your payment was interrupted

Exiting the registration flow at this point will mean you will loose your progress

Your payment didn’t go through

Exiting the registration flow at this point will mean you will loose your progress

Apple ID phishing scheme revealed

MANILA, Philippines - Trend Micro revealed a new scheme that criminals are using to grab at the average user's personal information: your Apple ID.

According to the report, 110 compromised sites are apparently posing as verification or log-in pages for a user's Apple ID. The URLs of these phishing sites share a common thread: they are all under a folder named ~flight. The directory folder contains pages that look like the Apple ID login page, but are actually sites that try to steal your personal information.

The phishing sites themselves were compromised rather than hacked, though they could be hacked or defaced if the sites remain compromised.

The 110 compromised sites are hosted at a specific IP address, 70.86.13.17, which is registered to an ISP in the Houston area.

The phishing attempts take on different forms, with some of them coming from spam emails. As Trend Micro explains, "Some versions of this attack ask not only for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information." While they do say that access has been restored after a user has put in his information, that user's information has already been taken.

Trend Micro advises users to use two-factor authentication for their Apple IDs, and to check the legitimacy of a link before clicking it. - Rappler.com

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.

image