Last year, Apple customers were the number one target for phishing attempts, scammers sending emails with links to fake Apple websites in an attempt to get their hands on Apple ID credentials.

Security company Check Point said that’s changed this year, and Apple is now only 7th on the list …

‘Brand phishing’ involves the attacker imitating an official website of a known brand by using a similar domain or URL, and usually a web page similar to the original website. The link to the deceptive website can be sent via email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. In many cases the website contains a form intended to steal credentials, personal information or payments.

Email phishing exploits were the second most common type after web-based exploits, compared to Q1 where email was third. The reason for this change may be the easing of global Covid-19 related restrictions, which have seen businesses re-opening and employees returning to work.

There was one major attempt to phish Apple customers, however.

Both browser companies and the web hosting company responded quickly, browsers warning that it was a deceptive website, and the host company then suspending it.

During late June we witnessed a fraudulent website which was trying to imitate the login page of Apple’s cloud services, iCloud. The purpose of this website (example below), is to try and steal iCloud login credentials and is listed under the domain “account-icloud.com”. The domain was first active in late June 2020 and registered under the IP – 37.140.192.154, located in Russia.

The top brands for phishing attempts in Q2 were:

The best way to protect yourself is to never click on links sent via email, even if they appear genuine. Always use your own bookmarks, a Google search, or type in a known URL (not the one in the email) manually. Common ploys used by scammers are emails which claim your account is in danger of being suspended or closed; that you need to update your login details; that you need to confirm or refute an expensive purchase (a very common attack method with Apple customers); or act quickly to claim a too-good-to-be-true offer.