Urgent warning for all iPhone users after new cyberattack targets 1.4 billion Apple devices – here’s how to protect yourself

An urgent warning has been issued to all 1.46 billion iPhone users after tech experts discovered a new cyberattack targeting Apple ID accounts.

Cybercriminals are using SMS phishing campaigns to send messages purporting to be from Apple, encouraging users to click on a link to an “important request” regarding iCloud.

California-based security firm Symantec discovered the attack this month, warning that the links led to fake websites that tricked users into providing their Apple ID details.

Apple has developed guidelines for dealing with such an attack, urging iPhone owners to use two-factor authentication, which requires a password and a six-digit verification code to access their account from an external device.

“These permissions are highly valuable because they provide control over devices, access to personal and financial data, and the potential for revenue from unauthorized purchases,” Symantec said on its website.

“In addition, Apple’s strong brand reputation makes users more likely to trust deceptive messages claiming to come from Apple, making these targets even more attractive to cybercriminals.”

The company posted an alert on July 2, saying it had noticed a malicious SMS message circulating that read: “Important Apple request to access your iCloud service: visit signin(.)authen-connexion(.)info/icloud to continue using your services.”

Symantec discovered that hackers added a CAPTCHA test to a fake website to make it appear authentic.

Once completed, users will be moved to the legacy iCloud login template.

Apple noted on its support site that scammers may also ask iPhone users to disable features such as two-factor authentication or stolen device protection.

“They will claim it is necessary to help stop the attack or allow you to regain control of your account,” the tech giant said.

‘But they are trying to trick you into lowering your security level so they can launch their own attack.

“Apple will never ask you to disable any security feature on your device or account.”

There are ways to spot a scam, and an obvious sign is a link provided in the text.

While the message may seem legitimate, the URL will not correspond to the Apple website.

The tech giant also added that hackers typically send text messages that deviate significantly from the company’s standards.

Scammers aren’t limited to impersonating Apple. Many users have reported text messages purporting to be from Netflix, Amazon, and other well-known companies.

The fake messages claimed that users’ accounts were frozen or that their credit cards had expired, and urged them to click on a link asking for personal information or bank account information.

The Federal Trade Commission warns: “If you receive an unsolicited text message asking for personal or financial information, do not click on any links.”

“Legitimate companies won’t ask you for your account information via text message.”

“If you think the message may be legitimate, contact the company from a phone number or website you know is legitimate. Not from the information in the text message.”