Skip to main content

phishing

See All Stories

Nasty Mac malware bypasses Gatekeeper, undetectable by most antivirus apps

Site default logo image

We learned recently that macOS malware grew by 744% last year, though most of it fell into the less-worrying category of adware. However, a newly-discovered piece of malware (via Reddit) falls into the ‘seriously nasty’ category – able to spy on all your Internet usage, including use of secure websites.

Security researchers at CheckPoint found something they’ve labelled OSX/Dok, which manages to go undetected by Gatekeeper and stops users doing anything on their Mac until they accept a fake OS X update …


Expand
Expanding
Close

Beware authentication popups in iOS Mail: bug allows convincing-looking phishing attacks

Site default logo image

[youtube=https://www.youtube.com/watch?v=9wiMG-oqKf0]

Update: Apple confirmed it’s aware of the issue and working on a fix:

“We are not aware of any customers affected by this proof of concept, but are working on a fix for an upcoming software update.”

If you are reading mail on your iPhone and iPad and a popup appears asking you to re-login to iCloud (or anything else), beware. Security researcher Jan Soucek discovered a bug in the iOS Mail app that allowed an attacker to run remote HTML code when an email is opened. That code could easily imitate an iCloud login prompt, fooling users into giving away their Apple ID credentials … 
Expand
Expanding
Close

Dashlane password manager can now automatically change your password on 50 top US websites

Site default logo image

Password managers are a great way to have strong, unique passwords for each website you access – but vital as it is these days, there’s no denying that it’s a chore to change them. Dashlane, a Mac and Windows password manager app, aims to take away the pain by doing it for you automatically across 50 top US websites like Apple, Amazon, Dropbox, Facebook, PayPal, WordPress and Twitter.

Importantly, the app can even cope with sites that employ two-factor authentication to login or change a password, prompting you for the code when required … 
Expand
Expanding
Close

Tim Cook meets with Chinese vice premier in Beijing following iCloud phishing attack

Site default logo image

Two days after evidence emerged of a phishing attack on iCloud, allegedly due to the Chinese government firewall redirecting traffic to a fake login page, the Chinese state news agency Xinhuanet is reporting a meeting in Beijing between Tim Cook and Chinese vice premier Ma Kai.

Chinese Vice Premier Ma Kai and Apple Inc. CEO Tim Cook on Wednesday exchanged views on protection of users’ information during their meeting in Zhongnanhai, the central authority’s seat. They also exchanged views on strengthening cooperation in information and communication fields.

The Chinese government censors access to the Internet by deploying a country-wide firewall which blocks certain sites and which can redirect traffic from sites the government dislikes to officially-sanctioned ones …

Expand
Expanding
Close

Report: EA Games server compromised, hackers stealing Apple ID, credit card & Origin account info

Site default logo image

Update: EA said in a statement that it’s investigating the reports (via TheVerge):

“Privacy and security are of the utmost importance to us, and we are currently investigating this report… We’ve taken immediate steps to disable any attempts to misuse EA domains…”

According to a report from internet security and research company Netcraft, hackers have compromised an EA Games server and are currently using it to host a phishing site that steals Apple IDs and more from unsuspecting users. The company published its report today and says it contacted EA yesterday to report the discovery, but as of publishing the compromised server and the phishing site stealing Apple IDs were still online.

Netcraft claims the phishing site being hosted on EA’s servers not only asks for an Apple ID and password but also the user’s “full name, card number, expiration date, verification code, date of birth, phone number, mother’s maiden name, plus other details that would be useful to a fraudster.” Netcraft also reports that EA Games is being targeted in other phishing attacks that are attempting to steal user data from its Origin game distribution service:
Expand
Expanding
Close

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications