• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 11th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime
Scams and Fraud

A Compromised .GOV URL Hosting Phishing Attacks on Apple Users

May 16th, 2015 Waqas Scams and Fraud 0 comments
A Compromised .GOV URL Hosting Phishing Attacks on Apple Users
Share on FacebookShare on Twitter

A couple of months ago we reported how [linked url=”https://www.hackread.com/app-store-phishing-email-stealing-apple-user-credentials/”]an app store phishing email is stealing Apple user credentials[/linked]. Now a government of Vietnam domain belonging to its Tam Ky City was found redirecting visitors to another compromised domain asking them to login with their Apple IDs.

The domain hosting the phishing page was anphutamky.gov.vn, redirecting  users to a phishing trip towards Apple IDs. The domain link was included in an email, which appeared to be French in nature.

Here’s the email example sent to the users:

“Dear Customer,

Your Apple ID was used to log into iCloud from an unauthorized computer.

Your account is now locked, please log into your account to check your information.

Click here (compromised government domain link)

Apple Support

The link leads to anphutamky(dot)gov(dot)vn/cu/install/css/” which contained little other than code to redirect the visitor. The potential victim was sent to skintesting(dot)com(dot)au/components/com_mailto/views/sent/tmpl/auth/ which is just another compromised domain seeking Apple login credentials. The rogue pages have been taken offline.

[must url=”https://www.hackread.com/apple-phishing-scam-kyc-validation/”]Apple Users Hit With KYC Validation/ICloud ID Review Phishing Scam[/must]

It is a fact that a .gov website is always looked upon as a potential target for scammers therefore, it is extremely important that Admins keep everything up-to-date and patched up.

Here are the screenshots taken from both compromised sites: 
apple-phishing-scam

The email comes in French language | Image via Malwarebytes

Compromised Australian domain hosting Apple ID fale login page

Compromised Australian domain hosting Apple ID fale login page | Image via: Malwarebytes

After doing a history check on compromised Vietnam domain, we found out that in Feburary 2015, it was hacked and defaced by an Algerian hacker going with the handle of ViRusx. So no surprise how cybercriminals were using it as bait.

A zone-h mirror of hacked domain as a proof of hack is available below:

http://www.zone-h.org/mirror/id/23663316?zh=1

As far as Apple ID owners, please always verify that you are on the right page before submitting your login credentials. Unless you have asked Apple specifically to send you a URL for let’s say password resetting or any other reason, kindly avoid clicking on random URLs. 

So beware and don’t fall for such emails.

[src src=”via” url=”https://blog.malwarebytes.org/fraud-scam/2015/05/compromised-gov-redirected-to-apple-id-phish/”]Malwarebytes[/src]

  • Tags
  • Apple
  • Apple IDs
  • government
  • Login Data
  • Phishing Scam
  • Privacy
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article WhatsApp users hit with 'You Just Got an Audio Recording' Email Malware
Next article Mobile Spy Software Maker mSpy Hacked, Personal data of 400k users leaked
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
John McAfee Charged with Fraud in Cryptocurrency Scam

John McAfee Charged with Fraud in Cryptocurrency Scam

U.S. DOJ warns of fake unemployment benefit websites stealing data

U.S. DOJ warns of fake unemployment benefit websites stealing data

Online scams: How to give scammers a taste of their own medicine

Online scams: How to give scammers a taste of their own medicine

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
2 scraped LinkedIn databases with 500m and 827m records sold online
Cyber Crime

2 scraped LinkedIn databases with 500m and 827m records sold online

Facebook ads dropped malware posing as Clubhouse app for PC
News

Facebook ads dropped malware posing as Clubhouse app for PC

Hackers leak data, 600k card info from Swarmshop cybercrime forum
Cyber Crime

Hackers leak data, 600k card info from Swarmshop cybercrime forum

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us