A phishing site has reportedly appeared that exploits the state of mind of people who have lost an iOS device, or had one stolen, in order to steal their iCloud login information. Symantec reported this on its official blog on March 2.
In one case, a person whose iOS device had been lost or stolen received a message such as: "Apple Inc. Your iPad Air 3G 64GB Space Gray Linked to (b**@hotmail.com) HAS BEEN LOCATED TODAY at 19:00 PDT. See Location: http://i-class. ..." Clicking the link to check the location of the lost device actually leads to a fake iCloud login page. An Apple ID and password entered there end up in the criminal's hands.
The fake login page supports multiple languages (English, Spanish, Italian, French, German, Portuguese, Chinese, Russian, Vietnamese, Indonesian), but for now Japanese is not included.
Example of a message received by the owner of a stolen iPad (image reproduced from the Symantec official blog)
Symantec points out that this phishing site may be operated as part of an underground service for iPhone/iPad thieves.
If an iOS device is lost or stolen, its owner can log in to iCloud from another device such as a PC and use iOS's "Find My iPhone" function to switch the device to "Lost mode". In Lost mode, the owner can remotely lock and track the device and display a phone number and message on the lock screen asking whoever picked it up to get in touch.
Conversely, once the device has been found, Lost mode can be turned off either by entering the passcode on the device itself or by logging in to iCloud and stopping Lost mode there. By tricking the owner out of their iCloud login information, the criminals aim to release Lost mode on the stolen iOS device.
In addition, although Symantec's official blog does not mention it, when "Find My iPhone" is turned on in iOS 7 or later, "Activation Lock" is applied automatically, protecting the device so that a third party cannot use or resell it if it is lost or stolen. Turning off "Find My iPhone" requires entering the Apple ID password.
In this phishing case, the criminal abuses the contact information displayed on the Lost mode lock screen to contact the owner, sending a message that appears to come from "Find My iPhone" and leads to the phishing site.
An owner who has lost an iOS device may not be thinking calmly. In addition, the URL of the link in the message contains the string "i-cloud", and the URL of the fake login page it redirects to may also include the string "iCloud". The owner may therefore be phished easily without noticing.
Fake iCloud login page. The page design looks just like the real one, but the domain name is different. The URL of the legitimate site is "https://www.icloud.com" (image reproduced from the Symantec official blog)
Symantec urges users to be wary of messages from unknown senders and to carefully check the URL of any site they visit.
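The URL check described above can be expressed as code. The following is an added example, not taken from Symantec's blog or this article: it decides trust from the end of the hostname rather than from whether "icloud" appears somewhere in the link. The function name `classify_link`, the single-domain trust list and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only trusted domain is the one the article names.
TRUSTED_DOMAIN = "icloud.com"
BRAND = "icloud"


def classify_link(url: str) -> str:
    """Classify a link from a 'device located' message.

    Returns 'trusted', 'suspicious', 'unrelated' or 'invalid'.
    """
    try:
        parts = urlsplit(url.strip())
        # .hostname drops any "user@" prefix and the port, and lowercases.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "invalid"

    # Trust is decided by the end of the hostname, never by a substring:
    # the host must be icloud.com itself or a subdomain of it, over HTTPS.
    on_trusted_host = host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)
    if on_trusted_host and parts.scheme == "https":
        return "trusted"

    # The brand name anywhere in a link that is not trusted is the lure
    # described in the article; hyphens are ignored so "i-cloud" matches.
    if BRAND in url.lower().replace("-", ""):
        return "suspicious"
    return "unrelated"


# Constructed sample links (reserved .example names, not real sites).
SAMPLES = [
    "https://www.icloud.com/find",
    "http://i-cloud.example/locate",
    "https://www.icloud.com.signin.example/",
    "https://www.icloud.com@login.example/",
    "https://noticloud.example/",
    "https://weather.example/today",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):<11} {link}")
```

Only the first sample is classified as trusted; the next four all contain the brand string yet resolve to a different host, which is the case a hurried reader misses.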
Even if the criminal succeeds in phishing and logs in to iCloud to turn off Lost mode, the device's passcode lock remains. Symantec recommends setting a complex string as the passcode, and points out that a 4-digit numeric passcode does not provide sufficient safety against loss and theft.