Apple iOS code researcher Felix Krause this week demonstrated just how simple it is to create a fake login form and steal personal details.
Posing as the standard “Sign in to iTunes Store” form that users are so familiar with, the fake form appears almost identical to the original and is capable of stealing credit card and personal details in just seconds.
the malicious login form took less than 30 lines of coding to create and can be easily replicated by the most basic of tech developers.
Can you tell the difference?
(Left image is the real one)
Lesson: The best way to not be compromised is by always entering your login details via settings app. If you hit the home button and the login box closes the app, and with it the dialog, then it was likely a phishing attack.