Our cybersecurity researchers discovered a new phishing campaign that targets Apple customers. The attack comes in the form of subscription renewal email, and it’s already become widespread. Every email sends by cybercriminals poses as an official message from the App Store containing information about a new subscription agreement.
Our CEO and Founder of CyberByte said:
“ Is not the first time the Apple brand has been used by cybercriminals and will not be the last either. This phishing campaign warns the user of a costly subscription service once the free trial period ends. This kind of tactics and new ideas are a result of cybercriminals that continuously look for ways to impersonate popular brands and apps, in an attempt to lull potential victims into a false sense of security.“
Sadly there is no cybersecurity solution for this kind of cybersecurity threat. The only line of defense is vigilance. Never disclosure any official information, at first suspicion, always contact the sender for further verification.
In this case, the initial message transfers the user to a website designed to trick them into giving up their log-in details. But in other cases, the transfer can be to a malware-laden site which could infect the user’s device. This opens up new ways of attack for cybercriminals because the malware can be used to extract confidential data from their systems, and in the case of Apple phishing campaign if a user enters login credentials form an account that is from work. The consequences of such cybersecurity breach could end up in essential data lost for the affected company.
If the vigilance fails, the only option available for everybody is a top cybersecurity solution like an antivirus. Choose a good antivirus for windows or antivirus for mac, depending on which OS your device use.
As a company never let your guard down, from time to time over the course of a year is recommended to hire professional cybersecurity assistance that will test your company network integrity by completing numerous tests like penetration tests or ethical hacking tests.