An authentic looking phishing attack is doing the rounds at the moment which purports to be from Apple.
The email informs users that there has been a change in their account information and, according to a blog by Trend Micro’s Danielle Veluz, the mail is almost identical to one she recently received from Apple.
The phoney mail has made a few modifications to the body text when compared to the legitimate message from Apple and the only give-away that it’s bogus is the “via smtp.com” next to the sender’s email address.
Whilst the email address itself looks authentic – do¬firstname.lastname@example.org – the inclusion of “via smtp.com” means that Gmail has detected the possible use of a third-party email service.
The links contained within the email take the user to a phishing web page where users are asked to sign in to their Apple ID.
Again, the site looks perfectly legitimate and could easily be mistaken for the official site, with the only real give-away being the advertisements which are displayed along the bottom of the page.
Danielle blogs that her suspicions were sufficiently aroused to ask for help from a Trend Micro engineer.
They found that the fake Apple site was a phishing page which was hosted on a free service.
Users unwittingly enter their Apple ID and password which then gives the phishers access to all of their account information, including credit card details.
According to Danielle, this illustrates how easy it is these days for phishers to stage attacks with “minimum investment and considerable returns”.
As the data that attackers need to store is limited, little space is needed and this enables them to use a free service which would prove more difficult to track.
“With Apple’s market steadily growing, cybercriminals may now be more interested in these Apple accounts and the stolen credentials may be sold underground to other crooks for a good price,” she warns.
With attacks such as this, which look authentic and prey on users worries that their account has already been compromised, it is wise to double-check every email that asks you to login to an account.
Many users would be fooled by both the email address and the web page, so it is wise to check the URL and email details. If you are in any way unsure as to where the email has originated from, login to the official Apple site to check your account.