IPhone and iPad, how to defend against fake popups that steal passwords

Researchers have discovered a new vulnerability on iPhones and iPads, through some apps hackers can steal users' Apple ID

Cyber security researchers have discovered a new flaw that is putting iPhone and iPad users' privacy at risk. Hackers are, in fact, generating fake Apple pop-up messages for users to enter their ID code. Once the code is entered, cyber criminals steal it and use it at will.

To authenticate certain actions, such as downloading a new app, accessing certain services or completing a payment from a smartphone, Apple requires users to enter their ID code on their mobile devices. For those unfamiliar, this is the credential that identifies an Apple account. While investigating some apps, developer Felix Krause noticed that while using his iPhone, pop-ups asking for the Apple ID were appearing abnormally. Upon analyzing what happened, the expert discovered that hackers were exploiting a security flaw on iPads and iPhones to steal the Apple account of Cupertino users.

Iphone Security Flaw

Cyber criminals have so far fraudulently obtained several ID codes. This is because Apple users are accustomed to entering this information several times on their iPhone or iPad to complete an operation and by now do not pay particular attention to this request. Following the discovery Felix Krause asked Cupertino to block the permissions for browsers and third-party applications to ask for ID code authorization.

How to defend yourself

There are several methods to be implemented to defend against this new Apple vulnerability. First of all, we avoid entering ourĀ Apple ID and our most confidential information without asking ourselves why these data are requested from us. If when we are surfing the Web, for example, such a pop-up appears, it is very likely that it is a scam. In order to improve our privacy it is better to insert the Apple ID only in the official applications and not in those of third parties. Cupertino, not surprisingly, asks users to report third-party apps that through pop-ups request confidential information such as Apple ID.