Criminals used Safari to redirect users to adult-oriented sites
However, despite threatening messages and scary warnings to “deliver case materials to Metropolitan Police,” there was no real danger at all. It turned out that more experienced computer users were able to handle the problem by simply clearing Safari browser cache via device’s settings. Apparently, not many users sought for help due to content they were trying to explore. According to researchers from Lookout, “attackers effectively used fear as a factor to get what they wanted,” and here we can see a perfect example of a social engineering attack. Scammers managed to force uninformed users to pay the ransom just by telling them that they are doing something illegal, although their statements were entirely incorrect. Some victims hastily supposed that it was true and paid the ransom instead of looking for help online using another device.
It is highly advisable not to believe scary messages that pop-up on your device’s screen and urge you to do something in a rush. If you haven’t upgraded your iOS device to 10.3 version yet, do it ASAP, however, do not forget that frauds quickly find new ways to deceive users; therefore we expect more similar scareware campaigns in the future.
- ^ About the security content of iOS 10.3. Apple Support. Apple Security Updates.
- ^ Andrew Blaich, Jeremy Richards. Mobile Safari scareware campaign thwarted Read more: Mobile Safari scareware campaign thwarted. Lookout Blog. Blog Posts from Cybersecurity Experts.
- ^ Defending Against a Scareware Attack. FraudWatch International. Expert Explanations.
- ^ How Can I Identify a Phishing Website or Email?. Yahoo Safety. Top Security Tips.
- ^ What is Social Engineering?. Webroot. Business Security Resources - Endpoint Information.