Hit enter to search

New phishing attack on iOS could steal your password!

Author Avatar
Maxime Lamarche
Technical Engineer, EASI

More and more malware are released every day. And no Operating System is safe! One of the latest examples is our beloved iOS...

If you were still thinking that, given the fact that you have an iOS device instead of an Android or Windows, you are totally protected against malware or phishing attacks, here is the time open your eyes!  A newly discovered vulnerability inside Apple's Operating System could potentially make you the victim of a scam that would steal your Apple ID password.

Indeed, security researcher Felix Krause published this Tuesday October 10th a new proof-of-concept that shows how easy it is for hackers to replicate the familiar "Sign In to iTunes Store" prompt on the iOS devices and steal a user's password.

Once again, the users are the weakest part, which is often used by hackers to gather the information they need. However, there are some recommendations to protect yourself. Here are few of them:
Never input passwords into pop-ups; instead go into the iPhone’s Settings menu and do it there, to ensure it’s a legitimate request.
Click the home button when a pop-up is displayed. If the home button closes the app, it was a phishing scam, but if the pop-up remains, it’s a real Apple request.

As you can see here under, it is almost impossible to see the difference between the two prompts.

phishing attack iOS security

Interested to learn more about this? Don't hesitate to visit Krause's website.

Current job openings

Sign up to our newsletter

Follow us


Share this article