CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
October 31st, 2011

Phishing Campaign Fake Legitimate Apple Emails, Steals Victims ID And Password

A phishing campaign which involves the reputation of Apple has been seen invading inboxes. The rogue message perfectly replicates alerts received by customers when the company notifies them on changes of their accounts.

A Trend Micro researcher came across a message that looked very much like the genuine message he had received not long ago from the Cupertino
firm.

The fake email seems to come from “[email protected]” and is sent via smtp.com. Coming with the subject “Account Info Change,” it perfectly replicates most visual aspects of the real deal.

The content of the message reads:

The following information for your Apple ID was updated on [date]:
Name
If these changes were made in error Report Problem.
To review and update your security settings sign in to appleid.apple.com.
This is an automated message. Please do not reply to this email. If you need additional help, visit Apple Support.

The link mentioned before is masked to look authentic, but in fact it leads the unsuspecting user to a phishing site hosted on a free domain. It asks the customer to provide an ID and a password, the information being sent to the masterminds that designed the whole scheme.

These operations can be highly dangerous for your savings as they gives access to your Apple account which contains a lot of sensitive data such as credit card info, address and phone numbers.

Itunes fraud is not uncommon because cybercriminals noticed how easy it is to phish out a set of credentials which can then be used to purchase all sorts of products in the Apple Store.

Even if the email looks to be legit, once you click on the link it contains, you can check out the address in your browser to see if it really belongs to the genuine company. Email addresses can be easily spoofed but website names always give away the true identity of a page.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Yahoo! Groups Are Used By Phishers To Send Personalized Scam Emails
  • Apple MobileMe Users Are Attacked By Phishing Scam
  • Another Google Adwords Phishing
  • Increasing Number Of Warcraft Players Attacked By Password Stealing Malware
  • UK Home Office Crime Reduction Website Hosted Italian Phishing Scam

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Phishing Campaign Fake Legitimate Apple Emails, Steals Victims ID And Password

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.