We’ve all seen the HMRC and PayPal phishing e-mails doing the rounds, but in recent years phishing has become increasingly sophisticated – some could fool even the most security conscious users.
This week security researcher Felix Krause published a blog about a flaw that he identified with Apple ID pop ups. Some hackers spoof pop ups to look identical to the official system ones, and request the user’s Apple ID password.
This is the first of this kind on a mobile device that we have seen. As users we are so used to being asked for our passwords after system or app updates etc, so this is a very clever yet dangerous move by hackers here.
Experts are recommending that users follow the below procedure:
Press the home button when any pop up appears and if the app and pop up disappears, this is a fake pop up.
Some users may prefer to only enter password information via the Settings app.
Read the full blog here