There have been reports of a new phishing attack by which attackers can cleverly steal data from us to log in. How to prevent this?

What are the phishing attacks? In a clever way, they can fool the user so that they can give sensitive data (eg logins, passwords) thinking they need it, and in the meantime they are sent to the attacker. An example of the latest attack was shown by developer Felix Krause. This attack involves using the iOS user's habit of entering a password to log into the iTunes Store. Oftentimes, the iPhone asks us for a password to confirm or sign in to certain places. Fortunately, in the iOS 11 pop-up windows with such a request, for example, while downloading a new application has been completely redesigned. But in other cases, our inattention can cost us too much.

fot. Felix Krause

fot. Felix Krause

It is enough for a developer to be tempted to create an application that will use the phishing attack to collect data. If we get a program like this, and we get a login prompt asking for a password to the iTunes Store, we will not even be able to tell if it is false – it's the same as the original. Krause warns that the preparation of such an attack involves the implementation of 30 lines of code. And although Apple is testing applications before approving it in the store, however, sometimes it may appear with a dangerous code in the middle. Such situations have taken place in the past.
fot. Felix Krause

fot. Felix Krause

How to protect yourself? Krause has one sensible advice. If you just pop out of this app, just exit Touch Application / Home. If the window disappears, it means that it was called by the application and it is definitely safer if you do not specify your data. If the window is re-invoked then this will happen from within the system and nothing will threaten us. You also need to have 2-step verification enabled on iOS, so that even if someone steals your data, it will not log you in. Source: Felix Krause