New Phishing Campaign Seeks Account Credentials of Apple Users
According to security researchers, cyber-criminals are unyielding as they keep garnering account credentials related to various Internet services, and currently, they are executing a robust phishing e-mail scam aimed at users of Apple the software giant, reported softpedia.com dated August 22, 2014.
Typically, the e-mails are spoofed and this time they impersonate Apple using its supposed e-mail id email@example.com while issuing alert messages for recipients telling them they require validating their account credentials by logging into the same. The complete fraud gets the look of security verification, while in case end-users overlook it, they would face suspension of the Apple ID assigned to them.
Scammers use this as one usual trick which makes the message seem urgent as also raises the number of successful attempts during the phishing scheme. Essentially, the message body ends with a web-link supposedly leading onto Apple's site that asks for the end-user's particulars necessary to complete the account verification.
In addition to asking the username and password of the user's Apple account, the phishing site directs him to provide his full name along with birth date; details of credit card such as CVV, number, 3D-secure particular and expiration date; address; driver license code as well as replies to security queries. These information land up with the cyber-crooks who could use the same to commit identity theft vis-à-vis the victim.
Disturbingly, Apple has had such attacks from online miscreants previously too. Indeed, because of these recurrent e-mail scams against Apple, the company as well as security specialists have recommended certain security suggestions for the Apple users:
One, they must be wary of dubious e-mails. In case an e-mail received talks about suspension of the recipient's Apple ID alternatively asks him for making his information up-to-date, he mustn't open the web-link given inside the e-mail rather he should go to his Web-browser and access apple.com for the action.
Two, users should activate the 2-step validation to access their Apple ID. Then, suppose their Apple ID gets stolen, the phishers would not be able in logging into their accounts devoid of being in physical control of their devices or mobile-phones.