Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Sign-in required popup?

B

Bbafett

macrumors 6502
Original poster
Sep 14, 2012
317
88
Georgia
Has anyone seen any a pop up start showing up that looks like this? Started happening today on 10.3.3 on iphone 6, and I am reluctant to put in my apple Id password b/c it looks suspicious. I have done restart and cleared all browser data in case something got through there as that is about the only app I have used on my phone today minus email.

I am signed in to Icloud already. Haven't purchased anything.
 

Attachments

  • Image.png
    Image.png
    1.2 MB · Views: 1,317
  • Image-1.png
    Image-1.png
    782.7 KB · Views: 1,729
There is a "bug" in iOS which that allows any app to mimic such pop-up and steel your password.

You can read about phishing pop-up on

https://krausefx.com/blog/ios-priva...et-the-users-apple-id-password-just-by-asking



Basic advices are (to distinguish real fro phishing pop-up):

  • Hit the home button, and see if the app quits:
    • If it closes the app, and with it the dialog, then this was a phishing attack
    • If the dialog and the app are still visible, then it’s a system dialog. The reason for that is that the system dialogs run on a different process, and not as part of any iOS app.
  • Don’t enter your credentials into a popup, instead, dismiss it, and open the Settings app manually. This is the same concept, like you should never click on links on emails, but instead open the website manually
  • If you hit the Cancel button on a dialog, the app still gets access to the content of the password field. Even after entering the first characters, the app probably already has your password.
Click to expand...

You can see and video



One of the advices is to click on the Home Button and if the pop-up doesn't disappear, it is legitimite, but the best thing is to go to Settings and sign in.


Just to be clear, I don't say that this is a phishing, I am only pointing to keep in mind this things when asked to input your Apple ID and password.
 
Yeah that was my thought too. Going to enter a wrong apple Id password and see if it goes away as there would be no way it would know it would be wrong I would think.

Killed every app and restarted. Hopefully it goes away permanently.
 
011 said:
One of the advices is to click on the Home Button and if the pop-up doesn't disappear, it is legitimite, but the best thing is to go to Settings and sign in.


Just to be clear, I don't say that this is a phishing, I am only pointing to keep in mind this things when asked to input your Apple ID and password.
Click to expand...
It's all definitely something to keep in mind. That said, there's the real thing that does also appear and would need to be dealt with too. In this case, given that it appears as a system notification on the lock screen it sounds more like the real thing vs. a faked phishing attempt as the latter wouldn't be able to generate that type of a system notification on the lock screen as I recall.
 
on iOS an app can't display a alert on the home screen. So that's a genuine Apple alert. And there is no known phishing malware that request the password yet.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back