Trend Micro, a cloud security company, discovered a new phishing scam (via The Next Web) that aims to steal Apple IDs. The scammers have compromised more than a 100 websites with the aim of gaining access to the unsuspecting Apple users’ Apple IDs.
Trend Micro says it has identified a total of 110 compromised sites — which doesn’t mean these sites were hacked, because the original wasn’t modified — all hosted at an IP address registered in the Houston area.
We’ve identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned.
As you may already know, phishing attacks against Apple IDs aren’t something new, but as the security company emphasizes through the graphic below, there has been a notable spike in phishing attacks this year, which gained traction with the aforementioned compromised sites.
One way to identify phishing sites is that these fake sites don’t display indicators that you are at a secure site, something you always get when visiting the legitimate site.
But the best way to protect yourself from any upcoming phishing attack is to enable the two-step authentication that Apple has recently introduced for Apple ID, by visiting the Apple ID page.
