Users of Apple Become Victims of Phishing Emails Again
Security firm Bitdefender recently warned users of Apple to be cautious of being targeted with phishing emails.
The fake email message does not address the recipient by name and straightway claims to perform the verification of the billing information because of undisclosed security reasons.
The fraudsters inform the users to click on a link "reset page" which is due to expire after three hours making users to carry out the action again for some undisclosed limitations.
Those who click on the link "Reset now" will land on a page which seems to be the page of My Apple ID but URL of it has nothing to do with the company.
The information fields available are designed to yield credentials of Apple ID along with details of payment card like full name, date of birth, address, country of residence, ZIP code, type of card with its number, expiry date, CVV (card verification value) and the password for 3D Secure.
The fraudsters can make online purchases in the name of the victim only with card data. However, some banks have offered 3D secure password as an additional security service which has also been implemented by some online retailers to stop fraud.
It is quite interesting that when victims complete the process, they are shown a reassuring message saying two-step-verification has been activated for their Apple ID.
Bitdefender advises to be on the lookout for any strange email messages (like in the above case the fraudulent email message does not address the recipient by name) to recognize spam messages and avoid being the victim of identity theft. The security firm points out that in this case, the URL belongs to a domain which is not related to Apple at all and the email address of the sender also raises suspicions.
Finally and unfortunately, it is not the first time that users of Apple have been targeted by cybercriminals. For example, during early February 2015, hackers attacked users of Apple iCloud with phishing email messages designed to steal their financial information according to a warning issued by security firm Sophos.