There is a new threat happening this week that has thousands of iPhone and iPad users scrambling for more information on how to protect themselves. It appears that hackers have been able to create fake pop-up messages that look exactly like the messages Apple sends to its iPhone users. If you enter ANY kind of information in these pop-ups, you run the risk of losing your passwords as well as credit card and other financial information to the hackers that created the malicious apps.
iPhone users worldwide have been alerted to a new potential phishing scam that could be rapidly spreading, according to researcher Felix Krause in Vienna, Austria. These malicious iOS apps can easily create fake login pop-ups and steal your info.
The most frequent way these pop-ups can appear is if you try to install or update an iOS app. The app would then display a pop-up asking for your iTunes or another type of password - and if you type it in, the password would be sent in cleartext to the hacker's location.
The aforementioned app developer, Felix Krause, has published a proof of concept on his blog that shows how the mechanism works and how easy it is to send a fake "Sign in to iTunes" pop-up to unsuspecting users.
It appears that any app developer can turn on the alert settings in the development environment, and imitate Apple's official pop-up style. There is a variety of ways to create an iPhone app, and it appears that this vulnerability can be created with all of these methods.
The whole problem starts with the fact that ordinary iPhone users are unsuspecting of these login pop-ups. They all blindly follow the instructions on screen, and this is what makes them so vulnerable to hackers that are trying to steal their financial information.
These pop-ups don't just show up on your iPhone's home screen. They can also show up inside apps themselves, as well as when accessing iCloud or GameCenter or making in-app purchases. I strongly recommend against accessing these services anyway - they are just wasting your time.
There is a long history of malicious pop-ups in Apple's computing environment. Even their Mac line of computers is prone to these kinds of hijacking attempts, as can be seen in the screenshot above, taken from macOS.
There are some rumors online that say clearing your history could rid your phone of these malicious pop-ups - but this would only work if the dangerous app that prompted these pop-ups has been uninstalled first, so do be careful.
Another piece of advice from the experts is to not enter your password into any pop-up that appears on the screen. It is better to press the home button to minimize the pop-up, and then go into Settings and type the password there.
Hackers who steal your Apple ID can use it for many different purposes, from accessing your iCloud and downloading private photos or your location history to getting your payment information and credit card data.
According to Mr. Krause, genuine Apple pop-up messages can't be minimized by pressing the home button on your phone. So you could try pressing the home button, and if the message is minimized, that could mean that it was a fake pop-up.
Another problem with these malicious types of apps is that they are extremely easy to make. Here is a quick screenshot of just one tool that helps hackers launch phishing attacks against unsuspecting users. It looks almost too easy to use.
Even worse, some of these malicious tools are simple enough that even children can learn how to create fake apps or error messages with them. This is potentially dangerous, as kids are not as responsible as adults, and doing this can place them in future legal difficulties.
You should always strive to have two-factor authentication activated on your apps and online accounts. This helps a lot, as even if a hacker gets your password, they wouldn't be able to log in or make purchases without having your second login code.
You should also watch out for "trust this computer" types of pop-ups and the fake "iOS upgrade" messages. These are slightly less dangerous, but you should always try to verify that these messages originally came from Apple.