Similar to the Facebook phishing campaign seen a few weeks ago that stole users’ credentials, a new campaign is targeting iPhone users. Users are led to a site that mirrors an authentic one; for example, researchers discovered a cloned Airbnb site. When victims reach the site, they are prompted to sign in to their Facebook account in order to access the content of the page. When credentials are entered, a notification appears that tells the user their account has been compromised. Researchers explained the detail of the fake sites, stating, “the prompt to authenticate the action is fake. It is an image displayed within the HTML document that makes it look like an iOS prompt. The tab switching in Safari is also fake, it is a recording of a video of tabs switching that is played as soon as the user confirms their intent to log in.” The implementation was flawed, but many users will still fall for it because the flaws were very subtle.