Is this mail from the REAL Apple?Submitted by Quick_Abbreviations4 t3_1137253 in iphone
DarkNet-Magic t1_j8osvyf wrote
Reply to comment by Quick_Abbreviations4 in Is this mail from the REAL Apple? by Quick_Abbreviations4
If you clicked on the link, change your Apple password immediately.
Phishing links like this (usually) simply just require you to click on them, then it immediately sends your credentials for the account they’re trying to access back to the scammer. A major red flag that is what is happening, is if you happen to click the link, and it opens up the application on your phone. That tells you that they just got your username and password for that account. However, just because you click the link and the application doesn’t open, doesn’t mean they still didn’t get your credentials.
Never, and I mean, never click on links that you don’t recognize, or have any doubt toward their legitimacy. Better safe than sorry by just not clicking the link to begin with.
Again, since you did click the link, I highly recommend changing the password for your Apple account immediately. Even if you clicked the link and immediately exited out, it doesn’t matter. If they were phishing for your information and just needed you to click the link to get it, then they got it as soon as you clicked.
I’ve worked Cyber Security for a very long time now, I see scams like these all of the time, have learned how to identify them pretty quickly, and figured out what they do and how they do it. Always be on the lookout, some of the emails I’ve seen look pretty damn legit, but there is always a way to point out a fraudulent email from a real one.
Quick_Abbreviations4 OP t1_j8otkzs wrote
I haven't changed it yet, I'll do it immidetly. Will I suffer any consequences for waiting this long?
DarkNet-Magic t1_j8p30qe wrote
As long as you haven’t noticed any fraudulent activity within your Apple account, then you should be fine.
If you wanted to be extra cautious, you would also change the passwords of any other accounts that use the same password as your Apple account (if applicable), or at the very least, change the password of any accounts that use the same email address and password of your Apple account (if necessary).
Not all scammers are clever enough, or care enough, to tap into other accounts that use the same credentials, but it’s very common that they may try. They may also be phishing for the purpose of mass collecting credentials to sell on the darknet.
Again, that’s if you want to be extra cautious, but as long as you change your Apple password you should be alright.
elementaldelirium t1_j8ow3kd wrote
How does it get your password from just clicking?
DarkNet-Magic t1_j8p4rx9 wrote
It varies by how the programmer sets up the phishing link (there are also tons of templates scammers can grab online to make basic phishing links as well). But the way it works in most cases, is once you click on the phishing link, it then directs the code to open the application they are attempting to grab the credentials for. Once it opens the target application, it uses the credentials saved in the application (like when you open the application and it is automatically signed in), it then shoots those credentials (email and password) back to the scammer in a .txt file.
These guys literally get incredibly long lists of emails and passwords for the application they are targeting, go through and access those accounts so they can have access to your saved financial information, steal it, or use it to send themselves money.
Standard-Plan1506 t1_j8p4jh1 wrote
Sorry but that’s bs, clicking the link won’t give away anyone’s password. That’s why they’re trying to scam you into typing it yourself. You have to allow a website or an app to log in using your Google or apple login; and even if you do it’s encrypted anyway, no one’s gonna see it
DarkNet-Magic t1_j8p6wm7 wrote
Clicking a link absolutely will jeopardize your password. Albeit many phishing links aren’t that complex or intricate, but they are more common than you think.
I do pen-testing in my free time on the side, you would be amazed how often I come across those types of links. Apple accounts are more difficult to bypass, sure, but encryption isn’t an automatic guarantee of security, it just requires a little more complexity in the scripting.
Standard-Plan1506 t1_j8p98k2 wrote
No it won’t, stop making up these stories. You won’t get logged in anywhere unless you specifically confirm it by providing your password.
DarkNet-Magic t1_j8padjz wrote
I am not making anything up? Why would I have a reason to lie to a stranger on Reddit. If you haven’t come across those types of phishing links, that’s good for you, but to blatantly deny they exist is pure ignorance.
Standard-Plan1506 t1_j8pb59u wrote
I don’t know you tell me darknet pentester security engineer. Try me with your script, tell me my password
DarkNet-Magic t1_j8pbzp2 wrote
I never said I was a “security engineer”. I said I work in Cyber Security, which Pen-Testing falls under.
Better yet, I’m not wasting nearly two hours creating a phishing script to prove a point. Again, a stranger on the Internet doesn’t mean anything to me.
With that being said, I conclude my conversation with you.
Standard-Plan1506 t1_j8r7aa2 wrote
You're talking about session hijacking, mate, you need an exploit to make it work. The idea that you can create a phishing script in 2 hours to steal data from ios is ridiculous. And it's not going to produce a txt with login and pass, that's complete bs. You're familiar with 2FA, right?
Viewing a single comment thread. View all comments