Apple customers should be on alert for yet another email phishing scam. TekRevue has received reports from multiple sources in the past 24 hours of scam emails targeting iTunes and iCloud users. Like most phishing scams, the emails contain formatting and language inconsistent with that normally used by Apple, and ask users to “log in” in order to prevent their account from being locked or deleted.
Phishing scams are nothing new, and target users of many services, such as Google, insurance companies, and banks. Consumers can usually recognize the fraud right away thanks to poor grammar and aesthetic design, but as the scams become more sophisticated, those who lower their guard for even a moment can fall victim to the scam, and unwittingly provide the scammers and hackers with critically important user and login information.
As always, remember to carefully examine any emails purporting to be from the financial institutions or online services you use, especially those issuing warnings about “locked accounts” and promising dire consequences if you fail to “click here to log in.”
In the event that a possibly legitimate email requires you to click a link to log in, copy the link from the email and paste it into a text editor. If you don’t recognize the domain, delete the email and contact the organization directly via phone or email (using their official contact email, not by replying to the suspect email in your inbox!).
In the case of this most recent Apple phishing email, the “Check Now” link leads to a domain called “ituness-upadte-login.saaihbbb.co.za,” obviously not something we want to risk clicking on.
Most organizations provide ways for customers to alert them about new frauds and phishing scams. In the case of Apple, customers can email the company’s phishing and abuse division.