Fake Apple notifications lead to phishing site

When changes are made to an Apple ID account, Apple sends a notification about it to the user so that he can react promptly if the changes weren’t made by him. Unfortunately, cyber crooks are aware of that and have no qualms about misusing that fact to their own advantage.

Phishing emails mimicking such a notification are currently hitting users’ inboxes and, sadly, they look quite believable. The typical “clean” Apple look is the same, and the text has been copied from an original Apple notification.

The only two things that might alert users to the fact that the email is a fake are that it was sent from the do_not_reply@itunes.com address via smtp.com (which means that it was likely sent through a third-party email service) and that one of the links embedded in the email leads to a website hosted on a free hosting site and not on an Apple domain.
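
Both tell-tale signs can be checked mechanically on a received message. The following Python code is an added example, not part of the original article or of Trend Micro's analysis; the trusted-domain list, the sample message and all host names in it are constructed assumptions.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains this check treats as Apple-owned.
TRUSTED = ("apple.com", "itunes.com")

# Constructed sample message; host names and 192.0.2.10 are made up.
SAMPLE = """\
Received: from relay.smtp.com (relay.smtp.com [192.0.2.10]) by mx.example.net
From: Apple <do_not_reply@itunes.com>
Subject: Your Apple ID information has been updated
Content-Type: text/html; charset="utf-8"

<html><body><p>If you did not make these changes, visit
<a href="http://appleid.freehost.example/login">My Apple ID</a> or
<a href="https://www.apple.com/support/">Apple Support</a>.</p></body></html>
"""

def under(host, domains):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

class Links(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_message(raw):
    """Return (kind, host) findings: mismatched relay, off-domain links."""
    msg = email.message_from_string(raw, policy=policy.default)
    sender = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    # The topmost Received header is written by the recipient's own server,
    # so its "from" host is the server that actually handed the message over.
    hops = msg.get_all("Received", [])
    m = re.match(r"from\s+([\w.-]+)", str(hops[0])) if hops else None
    findings = []
    if m and not under(m.group(1), (sender,)):
        findings.append(("relay", m.group(1).lower()))
    body = msg.get_body(preferencelist=("html",))
    parser = Links()
    parser.feed(body.get_content() if body else "")
    hosts = [urlsplit(h).hostname for h in parser.hrefs]
    return findings + [("link", h) for h in hosts if not under(h, TRUSTED)]
```

The link check compares the `href` target rather than the visible link text, since the text of a link can say anything.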

This website also looks pretty convincing, but discerning users are likely to be tipped off by the fact that Apple does not have random ads on its sites and this page has some at the bottom.

Less careful users could fall for the scam and enter their Apple IDs and passwords.

“This simple spammed message shows how easy it is to stage attacks nowadays – with minimum investment and considerable returns, phishers now have access to users’ App store info which includes users’ credit card information, home addresses, and phone numbers,” points out Trend Micro. “Always be wary of the littlest details in your email that may strike you as suspicious. Check and double check embedded URLs, delete spammed messages, and never underestimate the endless possibilities of cybercrime.”
