Apple ID popup password scam – 3 ways to keep safe

Tech expert warns Apple ID popup password scam is hard to detect, but there are three ways to guard against falling for it.

Fraudsters have developed a way to trick Apple users into handing over their iTunes password using phishing popups hidden in apps.

With regular iOS system and app updates, it’s not unusual for an iPhone or iPad user to be asked for their Apple ID password.

But Felix Krause, a software expert, has uncovered how scammers are exploiting our habit of entering this sensitive information without pausing to consider why.


Can you spot the fake popup?

Krause explains in his blog that scammers use a mobile phishing attack that imitates the popup familiar to all Apple users.

The fake password request that appears in apps looks almost identical to the genuine popups iPhone and iPad users get from time to time.

Krause was able to recreate a fake popup in an app. Can you tell the difference?

Apple ID fake popup with email (Image: Felix Krause)

Worryingly, some authentication popups don’t require an email address at all, making it even easier for scammers to get your password.

Apple ID popup no email (Image: Felix Krause)

Dangerous habits

As users are in the habit of entering their password whenever they see this prompt, scammers are easily stealing confidential information just by asking.

Once scammers have your password it gives them the key to unlocking other accounts that may use it.

Krause said: "Users are trained to just enter their Apple ID password whenever iOS prompts you to do so.

"This could easily be abused by any app. Even users who know a lot about technology have a hard time detecting that those alerts are phishing attacks."

Easy scam opportunity

Krause didn't disclose the technical details of how the scam operates inside apps, but he wants to draw attention to the loophole and the potential for a rise in mobile app phishing.

He warns that it’s worryingly easy to recreate.

“Showing a dialogue that looks just like a system popup is super easy, there is no magic or secret code involved, it's literally the examples provided in the Apple docs, with a custom text.

“I decided not to open source the actual popup code, however, note that it's less than 30 lines of code and every iOS engineer will be able to quickly build their own phishing code,” he said.

Three ways to keep safe

Krause has three tips for Apple users worried about falling victim to this scam.

Hit the home button – each time you get a pop-up press the home button to see if the app quits. If the app and the pop-up disappear at the same time, it’s a phishing attack. If the app and the pop-up remain, Krause says it’s a genuine request.

Enter your password manually – instead of always entering your details the moment you see a popup, get into the habit of dismissing the request and opening the Settings app to do it manually.

Clear before cancelling – Krause says even if you hit cancel, a scam pop-up will be able to see the details you’ve typed in, so make sure all fields are blank before cancelling.




Copyright © lovemoney.com All rights reserved.
