Emerging Threats

A new vulnerability in Apples iOS could help scammers capture iCloud passwords

Authored by a Symantec employee


Researchers discovered a new vulnerability in Apple’s mobile iOS platform that has the potential to trick users into divulging their passwords to scammers. A bug lurking in Apple’s iOS mail app on both iPhone and iPad, involved in handling HTML code will allow scammers to send a phishing email that will prompt a popup dialogue box asking for the user’s iCloud password. This popup mimics the iCloud login window, prompting users to re-enter their password. An easy way to spot the fake is that the login window can be cleared by pressing the home button, whereas the legitimate iOS popups won’t clear unless the user presses cancel.

Safety for every device.

Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.

While this has been discovered by researchers and has not been exploited in the wild yet, it is still a good idea to proactively protect yourself. Since word of the vulnerability is out, attackers may rush to exploit it before Apple releases a patch.

Although this is not a bug that can be caught by Internet security software, you can still stay safe. For the most protection, you should set up two-factor authentication on your iCloud account. In addition to two-factor authentication, always be on the lookout for phishing emails, and remember to be especially cautious when opening emails from unknown senders on an iOS device.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome and Android are trademarks of Google, LLC. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced and/or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other company names and product names are registered trademarks or trademarks of each company.