Apple was the most imitated brand in phishing attempts in Q1 2020

Now that operating systems are fairly well armored against attacks and hacks the criminals have had to switch tactics and use the time honored and amazingly successful approach in which the ignorance, stupidity, and gullibility of the human animal is exploited. Social engineering is the norm. From the fake Adobe Flash installers to scammer calls from the ‘IRS’ or ‘Social Security’ the two biggest admonitions to thwart them are the most ignored. 1) If it sounds too good to be true, it is. 2) Think before you click. I can’t tell you how many comments on the Apple Discussion Forums are from users who just clicked on something without thinking about it only to be hit with malware or adware. 

lkrupp said:

Now that operating systems are fairly well armored against attacks and hacks the criminals have had to switch tactics and use the time honored and amazingly successful approach in which the ignorance, stupidity, and gullibility of the human animal is exploited. Social engineering is the norm. From the fake Adobe Flash installers to scammer calls from the ‘IRS’ or ‘Social Security’ the two biggest admonitions to thwart them are the most ignored. 1) If it sounds too good to be true, it is. 2) Think before you click. I can’t tell you how many comments on the Apple Discussion Forums are from users who just clicked on something without thinking about it only to be hit with malware or adware. 

Yet time and time again people keep falling for this shit. Which is why they keep doing it. There's always that sucker out there unfortunately. 

I misread the headline as "Apple was most imitated brand in Q1 2020".

Wasn't surprised.

lkrupp said:

Now that operating systems are fairly well armored against attacks and hacks the criminals have had to switch tactics and use the time honored and amazingly successful approach in which the ignorance, stupidity, and gullibility of the human animal is exploited. Social engineering is the norm. From the fake Adobe Flash installers to scammer calls from the ‘IRS’ or ‘Social Security’ the two biggest admonitions to thwart them are the most ignored. 1) If it sounds too good to be true, it is. 2) Think before you click. I can’t tell you how many comments on the Apple Discussion Forums are from users who just clicked on something without thinking about it only to be hit with malware or adware. 

The grandma who has a Samsung Galaxy "iPhone" does not think twice when "Apple" sends her a legit-looking email.

Apple needs a standard login format (FaceID?) for their devices. This may help grandmas from getting scammed. **Never mind, I don't think this way alone will work since external sites will not be mandated to this info and will still trick grannies.

Never click on links in emails. Just go to the site by typing i the address manually. You look at that address above, it's clearly not Apple trying to get your info.

The BEST thing you can do is turn on 2-Factor!!! Because even if you were dumb enough to fall for the whole fake web page log-In screen used to steam your log-in credentials. Without that second factor, they are stopped in their tracks!!! Even if you gave them your 6 digit code, unless it was used within a minute, that code would have changed and now they are back to being locked out of your account.

I had someone from CHINA somehow got my old password which was used at a few places. That person was stopped in their tracks when my iPhone popped up a Box saying someone was trying to gain access to my account, showing a small map of China, with a Allow or Deny Box. Of course I denied!!!! If I didn't have 2 factor turned on, they would have had full access to my Apple Account and done all kinds of things. Like copying all my pictures, or worse.

Of course after that I updated my Password to something really LONG and used no where else. I'm slowly working on changing my passwords everywhere else to long use one once passwords. This is where you really NEED a password manager. I use Lastpass. I got a Family Account and have my Dad on that to use, and helping him with turning on 2-Factor at places, at least the really important places. your e-mail account for example. Someone gains access to that, now they can just do a password recovery for your other places and gain access to them. He has his Facebook account hacked a few times. So 2-Factor is turned on there now, along with better, random password. His bank, I got it turned on.

So make sure to use a long, Random password. I let LastPass generate a 20 or so digit one. Different for each site. So if one place gets hacked, they can't gain access to anywhere else you may be at. Turn on 2-Factor everywhere you can. I even have it on for Amazon. So if you get suckered into being Phished, it's not the end of the world, as they still can't gain access because of that second factor. Then when you realize what happened, you can go in and change your password to something new and Lastpass will update it's self. If I can get my 72 year old Dad to get on this page, you should be able to do it.