Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Apple
    • Apple
    • Cybersecurity

    FireEye Finds 240 Fake Apple Domains Since January

    By
    Sean Michael Kerner
    -
    June 8, 2016
    Share
    Facebook
    Twitter
    Linkedin
      fake Apple ID

      Hackers are using fake phishing domains to trick Apple users into giving up their Apple ID credentials, according to a new report from FireEye.

      Since the beginning of 2016, FireEye has tracked a number of phishing campaigns targeted against Apple users. The phishing campaigns all include some form of a lure to trick unsuspecting users into entering their Apple ID into a fake login screen. All Apple device owners use the Apple ID to get access to the company’s services, including iTunes, App Store and iCloud data backups.

      As part of the subterfuge, the phishing campaign emails direct users to seemingly legitimate looking Apple sites that are hosted on domains that have the word “Apple” in them, but are not associated in any way with the company. Among the domains are various combinations of the words, Apple and iCloud, including iCloud-Apple-apleid.com, appleie-xyw.com and iow-web-Apple.com.

      Since the beginning of 2016, FireEye has discovered 240 phishing domains attempting to trick users into thinking they were Apple Inc. Of those, FireEye found 86 targeting U.K. customers since January. Domains specifically going after Chinese users are also common, with FireEye reporting 32 different domains registered in March alone.

      While FireEye was able to identify the spam domains targeting Apple users, it’s not clear how many potential victims may have been exposed to the phishing domain campaigns.

      “Our system is designed to detect newly registered malicious domains,” Fahim Abbasi, principal malware researcher at FireEye, told eWEEK. “We are not able to answer if there are specific targets.”

      Looking across the 240 different Apple spam domains, FireEye found 154 unique email addresses were used to register the domains. Of those email addresses, 64 were on the qq.com email domain in China and 36 registrants had unique gmail.com email accounts.

      Going a step further to try and determine some form of attribution for the malicious spam domains, FireEye found that the observed Apple spam domains in China were pointing at 13 unique IP addresses found in the United States and China. All of the U.K. spam domains were pointing to IP addresses in the United Kingdom.

      Abbasi noted that FireEye observed a peak of Apple spam domain registrations in the first quarter of 2016, but has seen a gradual decrease since then.

      “We are now starting to log this information to get a better breakdown of stats,” Abbasi said.

      From a user protection standpoint, the actual address for a link or a Website is generally viewable by users, either in a browser or when they hover over an email link. As such, a cautious, informed user should be able to avoid falling prey to the Apple phishing domain campaigns. That said, Abbasi noted that not all users are informed of the risks of phishing and all the domains listed contain keywords like: “Apple,” “iTunes” and/or “iCloud.”

      “Attackers exploit the human trust model, as we tend to trust brand names, and uses that to lure their victims into clicking and interacting with the phishing page,” Abbasi said. “The majority of Internet users are not savvy enough to detect these minor variations in legitimate-looking-phishing URLs.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×