Skip to content

New phishing attack in iCloud. So you can prevent it.

A reader sends us an email explaining that he has been a victim of phishing when his iPhone was stolen. We received several similar messages, so we’re going to give you a series of tips to be on the safe side.

Phishing, is a method that cybercriminals use to try to trick their victims in a relatively simple way. Basically impersonating some service so that we enter our credentials on a website.

New phishing attack in iCloud. So you can prevent it.
New phishing attack in iCloud. So you can prevent it.

In this way, we will be sending our username and password to unknown , not to an official service, in this case iCloud . This will allow them to disable the restrictions and take full control of our account and our iPhone.

Phishing in iCloud, stay calm

When we detect that our iPhone has disappeared or we suspect that it has been stolen, we usually run to the iCloud.com website to try to locate it with “Find my iPhone” and activate the restrictions.

The cybercriminals, take advantage of this nervous situation to send an eye-catching message or email of relief . They tell us that our iPhone has been found, where we have to access a link and enter our data to retrieve it.

That link will take us to an iCloud clone page , there are some details that are remarkable, but in those moments of distress, we will surely not realize it. As has happened to some users who have contacted us recently.

https://apple5x1.com/roban-iphone-facebook-icloud/

In a situation, let’s call it normal, this would make us suspicious, but in a case of theft or loss, what we want is to find it as soon as possible, at least know the location to try to recover it or to block it.

So we don’t usually stop at to check the link or any detail that might make us suspicious, we just trust that message or email that claims to be sent by Apple, will help us.

First of all, when you unfortunately learn that your iPhone has been lost or stolen, remain calm and suspicious of any SMS or email you receive from “Apple”.

How to prevent a phishing attack

The first thing is to check the link , even if it has a security protocol like “https”, that doesn’t tell us anything for these cases. Normally, fraudulent addresses have a hierarchy across sub-domains to throw us off, for example: “https//icloud.appledxxx.xxx, https://apple.icloud-xxxx.xxx, https://icloud.idevices-manager.info/?id=icloud.com” .

Another important piece of information is the writing , usually with spelling mistakes or some strange character when there is a tilde or a ñ. Besides having a bit strange text to read, which will surely make us distrustful.

The “Dear customer” at the beginning of a message, is also a clear indication of phishing, as they do not have access to a company’s database, so they try to solve it with a generic greeting.

The rush is not good , if in an email they ask us to access a link as soon as possible, they are suspicious. As we mentioned before, we often take advantage of moments of confusion to obey the letter of the SMS or email received.

If we receive an SMS, look at the number and try to check it through a browser . For example, by typing that phone number into Google, we’re likely to find someone who gave the alert.

Some foolproof rules are:

  • Never directly access the links you receive in these situations
  • Do not download attachments.
  • Do not provide any information

common sense is basic, as well as staying calm, checking any information that comes to us regarding our lost or stolen device and of course having Apple’s two-factor verification enabled.

How do I act if it’s been phished?

If, unfortunately, you have fallen into the trap, it is best to try to change the iCloud password as soon as possible . Contact Apple and provide all the messages we have.

Go to a police station and make the corresponding complaint , providing the IME of our phone and warn our contacts so that they are warned in case they use our contact list to send them the same SMS or email.

Report it to the Police and the Guardia Civil through their website so that they are aware of this type of attack or visit the OSI website and inform them of the attack phishing .