Following iCloud phishing attempts, Apple issues browser security support doc

China flag map

Following a report Monday by Great Fire alleging that the government in China attempted to compromise the security of Apple’s users by redirecting local traffic to a fake login webpage, Apple on Tuesday confirmed it was aware of the phishing attempts and ensured its servers had not been compromised, according to a CNBC report.

The company also took additional steps in the form of a new support document which teaches unsuspecting users how to verify that their web browser is in fact securely connected to the genuine login page.

As a quick backgrounder, some users in China may have fallen prey of the fake login page, mostly due to the fact that the vast majority of the country’s online population uses the popular Chinese browser Qihoo.

The problem with Qihoo is that it does not warn users that they’re visiting a fake website, unlike Apple’s Safari, Google’s Chrome or Mozilla’s Firefox which have anti-phishing measures built-in.

Without mentioning the Chinese government, Apple said it’s aware of “intermittent organized network attacks” on users attempting to sign-in on, reports CNBC.

The iPhone maker assured that iCloud servers were not compromised. Turns out, folks who use iCloud services on their iPhone, iPod touch or iPad shouldn’t be concerned.

“Apple added that the attempted attacks don’t affect iCloud sign-in on mobile and Macs that are running the most up to date version of OS X,” the report added.

iCloud phishing (image 001)

Hua Chunying, spokeswoman for China’s Foreign Ministry, told the media that the government was “resolutely opposed” to hacking.

“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple writes in the support document.

The company cautions users to pay attention to an invalid certificate warning when visiting the login page on desktop. You should at all cost avoid entering your Apple ID or password into a website that presents a certificate warning.

To check if you’re connected to the authentic iCloud website, pay attention to the contents of the digital certificate revealed in Safari, Chrome or Firefox after clicking the green/lock icon in the address bar.

If you get a “Safari is using an encrypted connection to” warning, your security won’t be compromised as you’re in fact visiting the legitimate iCloud login page.

Safari (iCloud login page verified)

This is how Chrome states that the certificate is valid.

Chrome (iCloud login page verified)

And the same message in Firefox.

Firefox (iCloud login page verified)

However, if you see a message that the is using an invalid certificate, navigate away immediately. If “Safari can’t verify the identity of the website,” don’t log in.

Safari (iCloud login page untrusted).png

If after clicking Chrome’s green lock icon in the toolbar next to Apple Inc. you get a “your connection is not private” message, you’re on a fake login page.

Chrome (iCloud login page untrusted)

In Firefox, if you’re connecting to a website that isn’t secure, you’ll see a message that says “This Connection is Untrusted,” as seen below.

Firefox (iCloud login page untrusted)

“These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser,” Apple’s support doc reiterates.

Pro tip: do yourself a favor and enable two-step verification for your Apple ID to protect yourself from such phishing attempts on your account.

[CNBC, Apple Support]