With so many apps and system updates to contend with, it's not unusual for iPhone users to be asked to enter their Apple ID and password.
Most of us will quickly type in our details without a moment's hesitation - not even checking why we've been asked in the first place.
Unfortunately, hackers are trying to exploit this, meaning you may have willingly given your password and credit card details to a criminal without even noticing.
Software expert and tech entrepreneur Felix Krause has explained how the process works - and how iPhone users can protect against it.
How the scam works
Scammers can launch a phishing attack by imitating the pop-up within a particular app.
In his blog, Felix shows how a scam password request can look virtually identical to a genuine request.
The real pop-up and the fake version look exactly the same (Image: Felix Krause)
He said: "Users are trained to just enter their Apple ID password whenever iOS prompts you to do so.
"This could easily be abused by any app. Even users who know a lot about technology have a hard time detecting that those alerts are phishing attacks."
What you can do to stop being scammed
Felix has three important tips to remember:
Press the home button and see if the app quits. If the app and the pop-up disappear at the same time, it was a phishing attack. If they remain visible, it's a genuine request.
Don't type your details into the pop-up. Instead, go into Settings and enter it manually.
Even if you hit cancel, a scam pop-up will be able to see if you've typed any details into it. Make sure all fields are blank.
Make sure you leave the password section blank before you hit cancel (Image: Felix Krause)
Follow these steps and you can keep your details to yourself and avoid any nasty surprises on your next credit card statement.
About Article Author