A couple of days back, we reported on the so-called Masque Attack afflicting iOS, with threatening apps posing as legitimate ones in order to steal login credentials. Here’s how you can protect yourself.
It’s the iOS Developer Enterprise Program that makes Masque Attack possible in the first place.
The iOS Developer Enterprise Program is, when not being abused, incredibly useful, particularly for business and enterprise, but with iOS being as heavily scrutinized as they come, individuals with ill intentions have found a way to utilize the convenient tool to their advantage. As such, those within organizations taking advantage of the program are advised only to install apps via the secure website manned by their company, and as for the rest of us, the advice is oh-so familiar.
The best way to stay safe is to download apps from the App Store only. The support page over at Apple.com familiarizes users with an example pop-up, and goes on to remind iOS device owners not to install anything from an “Untrusted App Developer.” This may seem like a no-brainer to many of you, but phishing scams like this happen every single day, and while warning users to stick to the official store for apps has been a largely Google-fought battle, the iOS Developer Enterprise Program has ensured that folk running an iPhone, iPad or iPod touch must also now remain vigilant.