Meet Apple's New Weapon Against Phishing Attacks
Apple's about to launch a new tool in protecting users from phishing attacks, the nefarious way that some users get tricked into handing over their usernames and passwords. But the big question about this new feature, which has been seen by developers running a new beta of macOS is will it be enough?
The new feature, a glyph of two people shaking hands — in either blue (iOS) or grey (macOS) — will signify the authenticity of a request from Apple for your personal information, possibly your login information. We've learned this from tweets sent by the user @CraftyDeano, an iOS and Android developer who shared images from recently-released developer betas for the iPhone and Mac operating systems.
On the iPhone and the Mac, a message introducing the new icon reads "This icon appears when an Apple app or feature is asking to use your personal information." The message goes on to state that "Apple believes privacy is a fundamental human right, so every Apple product is designed to ... Limit the collection and use of data, Provide transparency and control over your information, Build on a strong foundation of security."
On Mac too 🎉 pic.twitter.com/FtaHr6ZEQe— Dean 👨🏻💻 (@CraftyDeano) January 24, 2018
What we hope to learn soon, though, is how will this feature work in everyday usage, and how users be able to tell authentic version of the handshake icon from potential fraudulent, copycat images. One method would be that the real privacy icon will appear in the menu bar, but that might be too subtle for users to notice, and would require Apple to explain that in further detail.
The need for such a signifier is quite strong, as I can attest as an iPhone owner who is sometimes confused when a legitimate prompt for my iCloud user name and password shows up while I'm using my phone. It can appear out of the blue, and without a stated reason, causing confusion and suspicion.
If you're wondering why this is such a big deal, remember the stolen celebrity nude photos of 2014? Those images were taken from iCloud accounts after users were fooled by login screens that looked just like iCloud screens. Once someone has your iCloud login information, your whole digital life can be downloaded onto their system, which — incidentally — is a good reason to set up Apple's two-factor authentication.
This article originally appeared on Tom's Guide.
- 12 Computer Security Mistakes You’re Probably Making
- Mobile Security Guide: Everything You Need to Know
- Your Router's Security Stinks: Here's How to Fix It