If you input your password into one of the fake boxes, the attacker could steal it and use it to access your credit card information, the MailOnline reported.
Mobile app developer Felix Krause, based in Vienna, Austria, published a proof-of-concept on his blog on Tuesday that showed how easy it is to copy Apple's 'Sign In to iTunes Store' prompt to take a user's password.
'Users are trained to just enter their Apple ID password whenever iOS prompts you to do so,' Mr Krause wrote in his post.
"However, those popups are not only shown on the lock screen, and the home screen, but also inside random apps, e.g. when they want to access iCloud, GameCenter or In-App-Purchases. This could easily be abused by any app."