According to news stories, Apple is now the most valuable brand in the world. One party that would agree: cybercriminals, who are now targeting Cupertino in increasing numbers.
Earlier in the year, the number of identified Apple phishing sites would only be in the hundreds per month, as seen in the chart below:
Figure 1. Number of identified Apple-related phishing sites
Some cases of these Apple-related threats just use Apple as social engineering bait. For example, here, the need to “verify” one’s Apple products or services is used to phish email services:
Figure 2. Phishing site
As we noted earlier this year, Apple ID itself is now being targeted for theft. For users of all Apple products – whether they be Macs, iOS devices, or just the iTunes store – the Apple ID is a key ingredient in how they use these products. For example, it can be used to control the data stored in your iCloud account, make purchases of both music and apps, and even manage your iOS or Mac device.
Not only that, users from all over the world are being targeted. For example, this phishing site is in French:
Figure 3. Apple ID phishing site
Unsurprisingly, the number of phishing sites seems to spike in months where Apple-related rumors are high as well. For example, the month with the most identified sites – May – was also the month when iOS 7-related rumors were most prevalent, particularly before its June announcement at the Apple Worldwide Developer Conference.
Similarly, June itself saw many rumors related to what became the iPhone 5c. The same was true for the succeeding months, up until the new generation of iPhones was launched on September 20.
It would appear that cybercriminals are using Apple-related rumors as a gauge of potential interest from users/victims and increase the number of their attacks as needed.
This growth in Apple-related threats highlights how Apple users, far from being safe, are continuously targeted by threats today as well. We discuss these problems in more detail in the eguide Why Macs Need Security.