- Phishing -e -emails “Notify” victims of an active $ 50 -subscription
- Victims can “cancel” the subscription by clicking on a link IE -email body
- The link leads to a fake login -page in which Apple ID -AdIrimation information is harvested
Cyber criminals mimic a popular video editing app to steal people’s Apple ID logins, are security researchers warn.
Earlier this week, Security Outfit Cofense warned to discover a new phishing campaign. In it would attack forgery Capcut, a video and graphic editing app developed by Bytedance, the company behind Tiktok.
Capcut is hugely popular and boasts hundreds of millions of active users. It offers both a free level and a paid level, which is what the attacker now abuses.
Stealing credentials
The overdue E -mail mimics Capcuts branding to increase legitimacy and “notify” the victim that they just subscribed to the paid version and cost $ 50.
Further IE email is offered the victim to “cancel subscription” if made by mistake.
With many mobile apps that charge their services by default, it is not entirely irrational to rely on the E -mail and hurry to cancel the subscription.
Click on the link, however, redirects the victim to a fake Apple login page where they are asked to give their Apple ID legitimation information.
These credentials are then forwarded to attackers that they can use to access people’s images, messages and other sensitive data. They can also use it to make purchases, which also causes direct financial damage.
The best way to defend against these attacks, says Cofense, is to be skeptical of all incoming e emails, especially those who require people to do anything:
“This phishing campaign highlights how easy confidence can be manipulated through well-known branding and urgency. By mimicking Capcuts/Apple’s identity and dangling the threat of unwanted charges, attackers control victims through a trouble-free two-step legitimate theft process,” researchers explain.
“Using a false verification step at the end is a subtle, yet strategic step to delay suspicion and expand the attacking window. As always skepticism is a critical defense – checking carefully, questioning unexpected requests for sensitive information and reporting suspicious messages.”
Via Cygenerws
