"PSA: be careful where you type your Apple ID password."
Do you think twice about entering your Apple ID password when prompted by your iOS device? You should. This week developer Felix Krause highlighted a dangerous new mobile phishing vector -- iOS dialog boxes. Krause built a proof-of-concept app that presents the user with a phony iOS dialog box that is indistinguishable from the real thing. What's worse, via a number of methods, malicious actors can insert this "dark feature" into an iOS app that lays dormant until after Apple App Store review. To protect yourself, Krause recommends that when prompted, you don't enter your credentials in a pop-up. Dismiss it and enter your password via Settings. If dark features in third-party commercial apps putting your business and staff at risk concern you, contact us to learn more about the NowSecure Platform and always-on, cloud-based mobile app vetting of third-party commercial apps on the Apple App Store or Google Play store.