If you are an iPhone user, then you are at a significant risk. You must have seen the login prompt many times on your iOS device asking you for the Apple ID and password. It happens when you try to purchase a new app from the App Store or open the iTunes Store. Some popups can easily trick you to give away your Apple ID password to someone. The popups look just like the original popup, and the users may think that it is necessary to type their password which is sent to someone who created it.
A better explanation for this is that it is straightforward for the application developers to create popups like this and any app developer can trick you into giving your password and may use it later to exploit you.
A developer further explains:
“Showing a dialog that looks just like a system popup is super easy, there is no magic or secret code involved, it’s literally the examples provided in the Apple docs, with a custom text. I decided not to open source the actual popup code, however, note that it’s less than 30 lines of code and every iOS engineer will be able to quickly build their own phishing code.”
It has been a significant problem on desktop systems for years. Random popups appear on the desktop, which looks like the standard system notifications and they trick users to add their ID and password, and some users do it. These are called phishing attacks, and they are illegal.
The question is How would you know if your Apple ID was compromised? Its simple: Your Apple ID might be compromised if you receive an account notification from Apple for a change you didn’t make, or if you notice anything in the account details you don’t recognize. And then there are some steps that you can follow through your Apple account to regain your account.