If you’re in China, you might be one of the hundreds of millions of people currently enjoying a new tech gizmo: whether it’s the new iPhone 6 or the recently launched Xbox One. But it seems the government might have other plans for you.
According to a report from Greatfire.org, the Chinese government is currently phishing for users’ accounts whenever they try to login to Apple’s iCloud or Microsoft’s Live services. Whenever a person tries to access those addresses he or she gets rerouted to a different website designed to look identical to the official one.
Users on Chrome or Firefox do get a warning that they’ve been rerouted but users on Qihoo, China’s most popular browser, don’t. Instead, they go straight to the fake website that steals their credentials and gets access to their accounts.
What’s interesting and worrying is that these attacks seem to be nation-wide. In fact, they seem to be part of the “great firewall”, meaning that it’s the government that’s doing the snooping. And they’re happening so soon after the launches of the new devices, likely meaning this isn’t a coincidence.
Of course, savvy users can still reach the official services from Microsoft and Apple by using a VPN or finding one of the services’ IPs that isn’t being re-routed.