New phishing attack in iCloud. So you can prevent it. - NewCydiaTweaks


Post Top Ad

Post Top Ad

Friday, January 26, 2018

New phishing attack in iCloud. So you can prevent it.

A reader sends us an email where he explains that he has been a victim of phishing when his iPhone was stolen. We received several similar messages, so we are going to give you a series of tips to be forewarned.
Phishing is a method that cybercriminals use to try to deceive their victims in a relatively simple way. Basically supplanting the identity of a service so that we enter our credentials on a website.
In this way, we will be sending our username and password to unknown persons , not to an official service, in this case iCloud . Thanks to this, you can deactivate the restrictions and completely seize our account and our iPhone.

Phishing on iCloud, keep calm

ICloud Phishing
We have to put ourselves in a situation, when we detect that our iPhone has disappeared or we suspect that it has been stolen, the most normal thing is to run to the website to try to locate it with "Search for my iPhone" and activate the restrictions.
The cybercriminals, take advantage of this situation of nervousness to send a message or flashy email of relief . They tell us that our iPhone has been found, where we have to access a link and enter our data to recover it.
That link will take us to a cloned page of iCloud , there are some details that are remarkable, but in those moments of anguish, surely we will not notice. As it has happened to some users who have contacted us recently.
In a situation, let's call it normal, this would make us suspect, but in a case of theft or loss, what we want is to find it as soon as possible, at least to know the location to try to recover it or block it.
So we do not usually stop to check the link or any detail that may make us suspect, we simply trust that this message or email that says to be sent by Apple, help us.
First of all, when unfortunately, you know that you have lost your iPhone or that it has been stolen, you remain calm and suspicious of any SMS or email you receive by "part of Apple".

How to prevent a phishing attack

additional passwords for iCloud
The first thing is to check the link , even if it has a security protocol like "https", that does not indicate anything for these cases. Normally, fraudulent addresses have a hierarchy through subdomains to confuse us, for example: "https //,, https: //icloud.idevices-manager .info /? id = " .
Another important fact is the writing , normally they usually have misspellings or some strange character when there is a tilde or a ñ. In addition to having a text a bit strange to read, that surely, will make us distrust.
The "Dear customer" at the beginning of a message, is also a clear indication of phishing, since they do not have access to a company's database, so they try to solve it with a generic greeting.
The rush is not good , if in an email they ask us to access a link as soon as possible, suspect. As we discussed before, they usually take advantage of the moments of bewilderment so that we obey the SMS or email received to the letter.
If we receive an SMS, look at the number and try to check it through a browser . For example, by typing that phone number into Google, we will possibly find someone who has given the alert.
Cyber ​​Security iPhone

Some infallible rules are:

  • Never access directly to the links you receive in these situations
  • Do not download the attachments.
  • Do not provide any information
The common sense is basic, just stay calm, review any information that comes to us regarding our lost or stolen device and of course, have enabled verification of two factors Apple.

How do I act if it has been a victim of phishing?

A long password is more secure than a short one, provided they are under the same conditions.
If, unfortunately, you have fallen into the trap, it is best to try to change the iCloud password as soon as possible . Get in touch with Apple and provide all the messages we have.
Go to a police station and put the corresponding complaint , providing the IME of our phone and warn our contacts so they are prevented if they use our contact list to send them the same SMS or email.
Report it to the Police and the Civil Guard through their website so that they have proof of this type of attacks or visit the OSI website and inform them of the phishing attack .

Post Top Ad