Heimdal
article featured image

Contents:

Apple users were the target of a phishing attack that used social engineering last month, during Black Friday, as threat actors managed to trick the Microsoft Office 365 email security.

A malicious email bearing the subject “We’ve suspended your access to apple services” was considered safe and let through by the native Microsoft security system.

Cybercriminals Almost Successful in Spoofing Apple

One can never be too careful when facing an email that requests to reveal sensitive personal data such as usernames and passwords of various accounts. Last month, threat actors used online brand impersonation to try to obtain this kind of data from over 10,000 Apple users. They used one of their favorite techniques: spoofing.

The potential victim got in their inbox a malicious email that appeared to be sent by Apple and warned them about their alleged losing access to FaceTime and iCloud. The email claimed that the tech company failed to validate the victim’s credit card and asked for repeating the validation process. The victim was supposed to click on a „login now” button at the end of the text, that contained a malicious link. They would further get to a fake landing page that asked for their account credentials.

The information included and language used within the email aims to lead victims to click the main call-to-action (login now) located at the bottom of the email. Once clicked, victims were directed to a fake landing page, which was crafted to mimic a legitimate Captcha security check landing page

Source

The tone of voice that was meant to create a sense of urgency and the use of a legitimate domain, associated with Apple, in order to inspire trust, are specific to social engineering campaigns. Since the email was sent from an icloud.com address, it was not that easy to spot that it came from an illegitimate source and was therefore a potential cyber threat.

How to Keep Safe from Social Engineering

Threat actors are sometimes able to delude the Microsoft email security system, so you should not only rely on it to protect your data. Be sure to play on the safe side and secure your devices.

You should also use different, strong passwords for your various accounts. A strong password includes not only letters but also numbers and symbols. You should also start using multi-factor authentication (MFA) and also think twice before clicking on any link you should find in an email, especially when it is obviously trying to put pressure on you.

Verifying the domain the message was sent from is a very important step. But when it comes to filling in personal data such as your username, password, or even credit card number in some login form, you’d better check its legitimacy with the sender’s customer support team.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE