Go Phish: Fake Apple Emails

Wednesday, November 2, 2011 @ 03:11 PM gHale

A message that replicates the alerts Apple sends customers when their account details change is now hitting the industry.

A Trend Micro researcher came across a message that looked very much like the genuine message he had received not long ago from the Cupertino, CA company.


The fake email appears to come from “do_not_reply@itunes.com” and is sent via smtp.com. With the subject “Account Info Change,” it perfectly replicates most visual aspects of a real message.

The content of the message reads:
“The following information for your Apple ID was updated on [date]:
“If these changes were made in error Report Problem.
“To review and update your security settings sign in to appleid.apple.com.
“This is an automated message. Please do not reply to this email. If you need additional help, visit Apple Support.”

The link looks authentic, but in fact it leads the unsuspecting user to a phishing site hosted on a free domain. The site asks the customer to provide an ID and a password, and that information goes back to the brains of the phishing scheme.

These operations can be highly dangerous for your savings, as they give access to your Apple account, which contains a lot of sensitive data such as credit card info, address and phone numbers.

iTunes fraud is not uncommon because cybercriminals noticed how easy it is to phish out a set of credentials, which can then be used to purchase all sorts of products in the Apple Store.

Even if the email looks to be legit, once you click on the link it contains, you can check out the address in your browser to see if it really belongs to the genuine company. Email addresses are easy to spoof, but website names always give away the true identity of a page.
