Another day, another scam, only the latest to come to light has been described by Intego’s Mac Security Blog as a “vast” phishing attack comprising a “well-crafted” email.
Targeting anyone with an Apple ID, the bogus email, which claims to come from firstname.lastname@example.org, informs recipients that their billing information records are out of date. “Failure to update your records will result in account termination,” it says.
Unlike so many scam emails, with their abysmal spelling and poor grammar, it’s clear that a bit more work has gone into this one.
As you’d expect, the email contains a genuine-looking link for readers to click on to enable them to confirm their billing information. According to Intego, clicking on the link takes you to an equally genuine-looking sign-in page requesting your Apple ID and password. Do that and you’ll come to another page asking you to update your profile, which includes a request for—you guessed it— your credit card information.
With so many people receiving Apple products like iPhones and iPads this Christmas, millions of new Apple IDs will have been created since Christmas Day. Such new Apple customers are all potential targets for those operating the scam.
One way to check the authenticity of a link is to hover the cursor over it and see what address shows in the floating box that pops up. The genuine address (ie. the destination of the link) will show in the part immediately after ‘http://’. Alternatively, simply go directly to the website through another browser window and log-in from there to check that your account is in order.