Watch out for phishing scam targeting Apple and iCloud customers

Email users should be on the lookout for emails that appear to have come from Apple warning them of issues with their account information.

The email, titled Dear Customer, We are unable to confirm your account information, appears to come from Apple iCloud and informs the recipient that there was an issue with their account. The email urges the recipient to click a link titled My Account to resolve the problem.

Our regular readers will instantly recognise this scam for exactly what it is; a phishing email scam. This is where criminals pretend to be from a trusted entity – in this case Apple – to trick the recipient into handing over sensitive information.

The link in the email leads to a spoof website designed to look like a website associated with Apple. Only it’s not, since it is owned and operated by crooks. The spoof webpage asks you to login with your username and password for Apple. This information is them collected by the crooks.

This is the method criminals used to trick a number of celebrities into handing over access to their Apple passwords where they subsequently had their iCloud accounts raided for sensitive photos. iPhones automatically synch photos and videos to an online iCloud backup.


Sponsored Content. Continued below...




However this particular email scam goes further. Once the spoof webpage asks you to login with your username and password, victims are then told to “confirm” their personal information, including their address, phone number, date of birth and credit card information.

This is more than enough information for identity thieves to steal you identity, take control of your bank account as well as any number of other online accounts.

Phishing scams like this can appear very convincing. However, avoiding them is still as simple as ensuring that any links in emails lead to the actual website of the company in question, not a spoof website. Or better yet, just avoid clicking links in emails and head directly to the website by entering the website address into your Internet browser.

For more information on spotting phishing email scams, read our article here.