Reports of phishing emails seeking Apple ID passwords have been making the rounds, with the fraudulent messages leveraging perceived concerns over the extended downtime of Apple's developer website to gain access to sensitive user data.
Like past scams looking to grab passwords from unsuspecting Apple customers, the most recent volley of phishing emails, first noticed by ZDNet, take on the guise of relatively official looking correspondence.
Taking advantage of Apple's ongoing developer center downtime, the phishing emails ask users to reconfirm their accounts to avoid "fraudsters" from stealing sensitive information.
The latest attempts are less convincing than previous phishing schemes, with poor grammar and punctuation, the most glaring mistake being the missing capital letter "A" in "Apple." As with most nefarious emails attempting to secure sensitive user data, these Apple-related mailings direct users to a supposed password reset page.
Apple on Sunday announced on its developer website, which at the time had been down for three days, that the Dev Portal was compromised by an intruder. The company has since created a system status webpage to keep developers apprised of the latest updates.
It remains unclear who was responsible for the reported intrusion. A security researcher named Ibrahim Balic came forward on Monday, saying his actions led to Apple's take down decision, but the veracity of the claims have yet to be proven.
According to Apple's system status page, only iTunes Connect and Bug Reporter, which was not affected by the downtime, are currently operational.
14 Comments
Hopefully the average Apple Developer is smart enough to see through such crap.
Wow. Now you see, kids? This is why you should pay attention to grammar in school. No one believes an idiot.
Wow. Now you see, kids? This is why you should pay attention to grammar in school. No one believes an idiot.
This is a most excellent post.
A fool cannot be protected from themselves...
I was in a Taco Bell yesterday. There was a guy sitting in the restaurant working on his computer. Taped (white label with black text) on the bezel of the screen, in very large letters, was his user id AND password... for all to see. This is what we're dealing with.