iPhone users warned over scam to get Apple ID – can you tell which pop-up is fake?

iPhone users are being warned of a new phishing scam that tricks them into handing out their Apple ID – and even experts are having a hard time detecting it.

iPhone users warned over scam to get your Apple ID - so can you tell which pop-up is real or fake?

iPhone users warned over scam to get your Apple ID - so can you tell which pop-up is real or fake?

Posing as the standard “Sign in to iTunes Store” form that users are so familiar with, the fake form appears almost identical to the original and is capable of stealing credit card and personal details in just seconds.

Apple iOS code researcher Felix Krause this week demonstrated just how simple it is to create a fake login form and steal personal details.

"Users are trained to just enter their Apple ID password whenever iOS prompts you to do so,” Mr Krause wrote in a blog post.

The legitmate login popup can be seen on the left, with the remarkably similar fake seen on the right. Source: Felix Krause

Those pop-ups are not only shown on the lock screen, and the home screen, but also inside random apps.

"Even users who know a lot about technology have a hard time detecting that those alerts are phishing attacks."

Mr Krause said the malicious login form took less than 30 lines of coding to create and can be easily replicated by the most basic of tech developers.

The real image can be seen on the left, however even experienced tech experts have had a hard time telling them apart. Source: Felix Krause

"Showing a dialog that looks just like a system popup is super easy, there is no magic or secret code involved, it is literally the examples provided in the Apple docs, with a custom text,” he added.

If you’re left feeling unsure as to which pop-ups are real and which are fake, simply avoid them all together and enter your Apple ID login details via settings instead.

Mr Krause also said if you hit the home button and the login box closes the app, and with it the dialog, then it was likely a phishing attack.

Krause said the best way to not be duped was by entering your login details via settings. Source: Felix Krause

feedback