Apple Tops Phishing Targets in First Half of 2014, Report Says

Apple was the most hijacked brand in the first half of 2014 with a total of 21,951 attacks, or 17.7 percent of all phishing attacks, according to a report by the Anti-Phishing Working Group (APWG).

PayPal came second with 17,811 attacks and Chinese shopping site Taobao was third, suffering 16,418 phishing assaults.

iPhones “can be used to lock a user out of their phone and ransom it back to them for money,” said Rod Rasmussen, CEO of Internet Identity, in an interview with TechNewsWorld. “There are lots of different attack vectors, which adds up to why Apple is being phished as heavily as it is”.

Apple has beefed up security in its latest mobile operating system, but the newly revised encryption system from iOS 8 is susceptible to brute-force attacks in certain circumstances if users pick four-digit passcodes, according security researchers.

In the first quarter of 2014, the number of targeted institutions reached 756, which is a 10 per cent increase from 2013. Half of the names are new, which shows cybercriminals are looking for other aims to exploit.

On their list were large and small banks from Latin America, India, and the Middle East, as well as business sites from a diversity of industries: real estate firm Century21, Bitcoin wallet provider Coinbase, Irish telecom provider Eircom, cloud storage provider Box, fashion brand Gucci and FIFA.

Out of 87,901 phishing domains identified, over 25 per cent were registered maliciously, mainly by Chinese phishers by using free or cheap domain name registrations in certain top-level domains such as .TK, .CF, .GA.