Phishers taking advantage of iPhone launch, especially in Malaysia!
By Digital News Asia September 13, 2013
- Fraudulent email contained messages informing recipients they had won latest iPhone 5S and iPad
- Trend gives 5 steps on how consumers can better protect themselves against social engineering lures
TREND Micro Inc is warning users of a new phishing scam that takes advantage of the recent Apple Inc announcement of the iPhone 5S and 5C.
As with similar scams in the past, cyber criminals are using current and hot discussions to lure and take advantage of unsuspecting consumers, the company said in a statement.
Trend Micro said this latest phishing scam has been effective in targeting South-East Asian users, with Malaysia being the most affected country.
Trend Micro detected samples of spammed messages attempting to spoof an Apple Store email notification. This happened at the peak of its hype right before the official launch of the Apple phones, where the fraudulent email contained messages informing recipients that they had won the latest iPhone 5S and iPad.
To collect these prizes, ‘winners’ have to click on a link which directs them to a website where they are required to disclose personal data such as their email and password.
Banking on the eagerness of consumers to get their hands on popular devices, victims unwittingly provide such credentials to cybercriminals, Trend Micro said.
The company has previously reported on similar scams when the iPad 3 was slated to be launched over a year ago.
Such tactics are prime examples of social engineering, where cybercriminals manipulate victims into performing actions or divulging confidential information through targeted, and sometimes elaborate, schemes.
“Social engineering lures are very effective when combined with current news and events,” said Goh Chee Hoh (pic), managing director, SEA Region, Trend Micro Inc.
“The most effective way for consumers to protect themselves is to be vigilant and stay informed. Know what to watch out for, what to avoid, and what to be careful of.
“More often than not, if something is too good to be true, it probably is,” he added.
Trend Micro also recommends the following five steps on how consumers can better protect themselves against social engineering lures:
- Bookmark trusted sites. Treat new sites like people you meet for the first time – don’t immediately trust sites you’ve only visited once.
- Never click on suspicious links, no matter how promising their accompanying messages seem. Promises that are too good to be true are just that.
- Do not be intimidated by threats. Cybercriminals often rely on the element of surprise to scare you into doing something you otherwise won’t. It is always best to ignore scare tactics outright.
- Spread the word, and tell others what you know. Doing so will ensure your friends and relatives’ safety, and sometimes prevent them from falling for cybercriminals’ traps.
- Invest in an effective security solution that protects your system and data from all kinds of threats. Explore and use the built-in security features of the sites and pages you frequently visit.
For more information and updates on the iPhone 5S Phishing Mails, please visit the Trend Labs blog post here.
More information on social engineering can also be found here.
Apple’s new iPhones continue to aim at high-margin sweet spot
Mobile phishing on the rise, warns Trend Micro
Online scams: You can never be too careful
Aware of risks, Malaysians persist with bad online habits: Survey