Apple Phishing Bait Has a Lot of Hooks
In general, a lot of phishing has been moving the embedded links the recipient is intended to click on from the body of the email into an attachment, in order to increase the odds of evading detection and, we theorize, as a kind of “social engineering” ploy to move the user along quickly and get them into a clicking frame of mind. During recent analysis of malicious PDF samples, we saw a lot of Apple-themed phishing content and thought it might be instructive to share how rich and varied the world of Apple phishing has become. We illustrate this with some real-world examples for you. From purchases in the app store to a range of activities using one’s Apple ID, threat actors have developed many ways to entice users to click on that malicious link that leads to the theft of precious Apple credentials.