Phishing scam takes advantage of Apple Dev Center downtime
Reports of phishing emails seeking Apple ID passwords have been making the rounds, with the fraudulent messages leveraging perceived concerns over the extended downtime of Apple's developer website to gain access to sensitive user data.
Like past scams looking to grab passwords from unsuspecting Apple customers, the most recent volley of phishing emails, first noticed by ZDNet, take on the guise of relatively official looking correspondence.
Taking advantage of Apple's ongoing developer center downtime, the phishing emails ask users to reconfirm their accounts to avoid "fraudsters" from stealing sensitive information.
The latest attempts are less convincing than previous phishing schemes, with poor grammar and punctuation, the most glaring mistake being the missing capital letter "A" in "Apple." As with most nefarious emails attempting to secure sensitive user data, these Apple-related mailings direct users to a supposed password reset page.
Apple on Sunday announced on its developer website, which at the time had been down for three days, that the Dev Portal was compromised by an intruder. The company has since created a system status webpage to keep developers apprised of the latest updates.
It remains unclear who was responsible for the reported intrusion. A security researcher named Ibrahim Balic came forward on Monday, saying his actions led to Apple's take down decision, but the veracity of the claims have yet to be proven.
According to Apple's system status page, only iTunes Connect and Bug Reporter, which was not affected by the downtime, are currently operational.
Like past scams looking to grab passwords from unsuspecting Apple customers, the most recent volley of phishing emails, first noticed by ZDNet, take on the guise of relatively official looking correspondence.
Taking advantage of Apple's ongoing developer center downtime, the phishing emails ask users to reconfirm their accounts to avoid "fraudsters" from stealing sensitive information.
The latest attempts are less convincing than previous phishing schemes, with poor grammar and punctuation, the most glaring mistake being the missing capital letter "A" in "Apple." As with most nefarious emails attempting to secure sensitive user data, these Apple-related mailings direct users to a supposed password reset page.
Apple on Sunday announced on its developer website, which at the time had been down for three days, that the Dev Portal was compromised by an intruder. The company has since created a system status webpage to keep developers apprised of the latest updates.
It remains unclear who was responsible for the reported intrusion. A security researcher named Ibrahim Balic came forward on Monday, saying his actions led to Apple's take down decision, but the veracity of the claims have yet to be proven.
According to Apple's system status page, only iTunes Connect and Bug Reporter, which was not affected by the downtime, are currently operational.
Comments
Quote:
Originally Posted by grblade
Wow. Now you see, kids? This is why you should pay attention to grammar in school. No one believes an idiot.
This is a most excellent post.
A fool cannot be protected from themselves...
I was in a Taco Bell yesterday. There was a guy sitting in the restaurant working on his computer. Taped (white label with black text) on the bezel of the screen, in very large letters, was his user id AND password... for all to see. This is what we're dealing with.
Broken English and doesn't capitalize the A in Apple. Seems legit.
This email doesn't even [I]hint[/I] at the Dev Center issue--or even hint at developers at all. It sounds like more of the same-old AppleID phishing that has existed for years. It's aimed at everyday ignorant users (they kind that never heard of the Dev Center and don't know it's been down anyway).
What would be [I]more[/I] newsworthy is if this same-old kind of phishing did NOT keep happening at the present time! That would have been weird.
Seems like AI is repeating a straight-up trollfiction from ZDNet.
"Taking advantage of Apple's ongoing developer center downtime"... [B]How?[/B] How are they taking advantage of anything to do with the developer center? Evidence? Journalism?
Hey, it's all good ad bait.
If it's not on the bezel look at the bottom of laptops. At the office, it's usually on a post-it, stuck on the monitor. Other times it's on the back of the keyboard.
Quote:
Originally Posted by grblade
Wow. Now you see, kids? This is why you should pay attention to grammar in school. No one believes an idiot.
Not only can they not check their grammar, they can't check their audience. A phishing scheme targeting software developers seems doomed to fail.
Quote:
Originally Posted by nagromme
I don't see how this has to do with the Dev Center downtime at all. Did someone recently steal a list of developer emails, and is targeting developers specifically? That would be news if so, and ZDNet implies it but never states it directly--probably because there's no evidence for any such thing.
This email doesn't even hint at the Dev Center issue--or even hint at developers at all. It sounds like more of the same-old AppleID phishing that has existed for years. It's aimed at everyday ignorant users (they kind that never heard of the Dev Center and don't know it's been down anyway).
What would be more newsworthy is if this same-old kind of phishing did NOT keep happening at the present time! That would have been weird.
Seems like AI is repeating a straight-up trollfiction from ZDNet.
"Taking advantage of Apple's ongoing developer center downtime"... How? How are they taking advantage of anything to do with the developer center? Evidence? Journalism?
Hey, it's all good ad bait.
Another excellent point.
You're right! I read that and assumed it had been sent to Dev members only (why else would AI infer the connection) ... but they'd have needed the list of who is a Dev to do that wouldn't they ... DUH! It is indeed totally generic and now you mention it, has it not done the rounds before?
Yeah--almost seems like someone at ZDNet really was slobbering over the hope that this would be a bigger Apple scandal... Panic in Cupertino! Developers targeted with malware and phishing! Instead, it seems like the issue was caught in time, and the end result so far is nothing more than downtime, during which it sounds like new systems are being put up--more than just fixing this issue, and thus probably stuff that has been in the works a while. Maybe worse will emerge: the original hacker doesn't sound above-board. But he also doesn't sound likely to mount an attack or sell dev emails--which, last I heard, he might or might not even have.
Downtime alone is a big headache for these developers, but ZDNet wanted to find real blood in the water... and when they didn't, I guess they thought they'd invent the smell of it, by falsely connecting an unrelated (and ancient, and minor) story? Another day in tech "journalism."