In the recent past, there have been numerous headlines covering the news that Apple ID credentials are being spotted on the dark web.
The allure of not only acquiring personal data but also other valuable data such as credit card details is what keeps attracting hackers.
A notable case is that of Chinese scammers hijacking Apple accounts and making purchases using the accounts.
Data such as usernames and passwords are being sold with price tags as low as $15, making them the most in-demand non-financial data on the dark web.
Ultimately, financial-related data is arguably the most valuable.
Regardless, there are steps one can take to protect themselves from data theft.
Phishing: What It Is and How to Prevent It
Hackers use a variety of methods to retrieve the data, the most common being phishing. Users are duped in handing over their data, mainly through fake logins pages that mimic the original site.
While it might be difficult for some users to distinguish between fake webpages and legitimate ones, there are ways to avoid falling victim to a phishing scam.
The first thing is to never open links directly from email. The safest action to undertake is to copy the link into a new tab, then check the address.
Most of the fake emails and webpages mimic the logos, fonts and color themes of the original site, but the domain name will never be identical.
Additionally, Apple published a page on its website explaining how users can protect themselves against phishing and how to detect an email from Apple.
Two-Factor Authentication: An Extra Layer of Protection
Suppose that a hacker stole and possibly sold your ID credentials to someone for purposes of hijacking your account.
An example is that of scammers in China hijacking accounts and using Apple’s Family Sharing feature to make purchases on the App Store.
The feature allows users to share apps and content such as movies and music with family members of up to five.
The feature only works when a user receives an email or text to accept or reject the option to join from the family admin.
Scammers with the administrator’s credentials can gain access to the account directly and subsequently add a new account as they please.
This can be avoided by setting up a two-factor authentication system to make your Apple ID more secure.
Basically, this feature works by generating a six-digit code or pin that is used along with the username and password to access, make changes or carry out transactions.
The code or pin is normally sent via text to the owner’s device or at times through email that a hacker/scammer has no access to.
The feature may not be foolproof due to its vulnerability to sim-swap fraudsters, but it still offers an extra layer of protection—reducing the possibility of the account being hijacked.
Other Measures to Safeguard Your Account
Additionally, it is advised to keep changing passwords regularly with stronger codes and avoid reusing old ones.
It is also advised not to use the same password for different accounts.
The use of a password manager is highly recommended to secure and keep track of your passwords.
Moreover, constant monitoring for suspicious activity such as unauthorized purchases may help reduce the damage before it gets out of hand.
While Apple’s systems are the world’s most secure, it has been pointed out that its users are the biggest security weakness.
Users are urged to be vigilant—ultimately, it is their due diligence to take measures to safeguard their accounts.