Search the Community
Showing results for tags 'ducklin'.
-
Hackers are targeting Apple iCloud users with phishing messages designed to steal financial information. Sophos employee Paul Ducklin reported in a blog post that the messages are tailored to look like legitimate security alerts. 'Your account may have been compromised. Please cancel the following Order Number: WZEYMHCQVWZ20,' reads the bogus message. 'Within Apple Inc. latest security checks, we recently discovered that today there were incorrect login attempts to your account. For your account status to get back to normal, Go Here >> to complete the details.' The links in the message go to a page owned by the criminals, which requests the filling in of a 'cancellation form'. "The bogus payment cancellation form is hosted on what looks like a hacked home-user DSL connection in Canada," explained Ducklin. "The data submission form goes to a similar ‘server' hosted on a connection via a boutique ISP in Switzerland." Ducklin recommended a variety of protective measures to defend against phishing attacks of this kind. "Don't assume that crooks aren't interested in you. You may have the smallest, simplest web server in the world, but if there's a security hole, the crooks can use your server, and your URLs, as a staging post for their cyber crimes," he said. "Use two-factor authentication if you can. This relies on one-time log-in codes, so the crooks can't simply phish your password and use it over and over." Ducklin is one of many security professionals to call for wider use of two-factor authentication. Attackers are believed to have taken advantage of a lack of two-factor authentication to guess celebrities' iCloud passwords during a wave of high-profile incidents in 2014. Source