Global security company Trend Micro warns of a new phishing scam that takes advantage of Apple’s recent unveiling of the iPhones 5s and 5c. As with similar scams in the past, cybercriminals are known to leverage hot topics to lure and unsuspecting users, but this time, it targets Southeast Asian users.
Trend Micro analyzed samples of spammed messages sent before the official Apple launch. The emails spoof Apple Store email notifications informing recipients that they had won the latest iPhone 5s and an iPad. To get these prizes, however, users need to visit the website specified in the email. On the site, they’re asked to disclose personal data such as their email addresses and passwords. Banking on the eagerness of users to get their hands on the popular devices, they unwittingly provide such credentials to cybercriminals.
Trend Micro has previously reported similar scams when the iPad 3 was slated to launch a little over a year ago. Such tactics are examples of social engineering, where cybercriminals manipulate their victims to perform tasks or divulge confidential information through targeted, and sometimes elaborate, schemes.
“Social engineering lures are especially effective when combined with topical news and events. Internet users have to be vigilant and stay informed. They should know what to watch out for and what to avoid. More often than not, if something’s too good to be true, it probably is,” says Paul Oliveria, security focus lead at Trend Micro.
Vigilance aside, security solutions such as the Trend Micro Titanium Maximum Security 2014, is uniquely designed to protect consumers. It’s able to flag malicious links before a user clicks on them in social networking sites, instant messages, and email.
Trend Micro recommends steps users can follow to protect themselves against social engineering lures:
1. Bookmark trusted sites. Treat new sites like people you meet for the first time: don’t immediately trust sites you’ve only visited once.
2. Never click suspicious links no matter how promising their accompanying messages seem.
3. Don’t be intimidated by threats. A lot of cybercriminals often rely on the element of surprise to scare you into doing something you otherwise won’t. It is always best to ignore scare tactics outright.
4. Spread the word, and tell others what you know. Doing so will ensure your friends and relatives’ safety.
5. Invest in an effective security solution that protects your system and data from all kinds of threats. Also explore and utilize the built-in security features of the sites and pages you frequently visit.