Attackers increasingly targeting Apple users

News by Steve Gold

IPhone mass uptake has led to it being clearly targeted by cyber-criminals says Cyren report

The Q3-2014 Internet Threats report from Cyren is just out, and the conclusions make for sobering reading, especially if you are an Apple iPhone or iPad user, where phishing attacks are now 246 percent up compared to the first quarter.

Researchers also spotted no less than 7,000 new Apple phishing sites during the week of the `celebrity hack news' last month.

According to Lior Kohavi, Cyren's CTO, ultimately, no one needs a crystal ball or series of complex research studies to predict that cyber-attacks are on the increase and will continue to remain so for the foreseeable future.

Despite this, he says that many of these attacks could be stopped simply by investing in the solutions - and staff - needed to protect both the organisation and its customers.

In the third quarter of 2014, Cyren says that attention was focused on celebrity account hacking and corporate data breaches. And by the end of the quarter, cyber-security professionals had received yet another agonising reminder that no system is perfect with the announcement of the Shellshock bug affecting the BASH shell.

Cyber-criminals, says the Q3 analysis, also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam, and malware distribution efforts.

In the world of the iPhone6

Cyren's analysis concludes that cyber-criminals had a significant opportunity for revenue generation courtesy of Apple's iPhone 6 launch.

"As in the past, the excitement about the new iPhone provided fertile ground for new phishing and adware scams," says the report, noting that users were being enticed to click on suspect links by the offer of a brand new - and free - iPhone 6.

Pharmaceutical and diet spam, meanwhile, exchanged places during the third quarter, with diet spam accounting for 31 percent of all known third-quarter spam, up by a hefty 288 percent from the previous quarter.

In contrast, Cyren says that the Q2-2014 leader - pharmaceutical spam - dropped by a hefty 63 percent, falling to third place and accounting for only 16 percent of this quarter's total spam.

Spam related to job offers also increased dramatically from 22 percent in the second quarter to 30 percent currently. Stock and online casino spam, meanwhile, rounded out the top five accounting for 11 percent and eight percent of total spam in the third quarter.

So why is Apple and its users being targeted for a rising level of phishing attacks? put this question to Jared DeMott, a principal security researcher with Bromium. He replied that, unlike Microsoft and Google, who are fairly pro-active in the field of security, Apple's approach to security is a lot more private.

Because of this, he says that he expects to see the level of phishing attacks against Apple users steadily rising for the foreseeable future, simply because of Apple's lack of transparency when it comes to security.

"The bottom line is that all platforms and operating systems are potentially vulnerable, but if you are after dubious celebrity pictures, then Apple users are more likely to be using and looking for this kind of material. If you simply want bank account data, then as a hacker you will be looking at a Google or Windows device user," he explained.

Gavin Watson, a senior security engineer with Randomstorm, meanwhile, said that phishing attacks against target's credentials and login details - and who then go on to use their contacts list to launch further phishing attacks - comes as no great surprise.

"All it really proves is that we are all still human and therefore susceptible to spoof websites and opening communications that appear to come from people who we know and trust," he said, adding that RandomStorm is sometimes asked by clients to carry out phishing email tests as part of its social engineering pen tests, to discover what proportion of the staff spot the spoof attack and report it to the IT help desk.

"Even though we deliberately include clues such as spelling mistakes, inconsistencies in the email signature, or a different domain name, our pen tests consistently show that phishing employees is still one of the most effective ways of breaching corporate security," he explained.

Watson argues that, even when criminals use quite blatantly fraudulent URLs, people will still open the emails, click on links and open attachments.

"As long as phishing remains such an effective vector for harvesting user credentials, accessing corporate networks, or controlling the accounts of high value targets, criminals will continue to use it. The best way for organisations to combat the risk from phishing is to share information on the latest attacks and to continually train staff to be vigilant," he said.

"Thankfully, we are starting to see intelligence sharing in the financial sector with initiatives such as the Financial Crime Alert Service. General public awareness of phishing is also improving owing to the increasing number of media reports into cyber-breaches," he added.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews