Scam emails posing as Apple
Various phishing schemes are being run by scammers posing as Apple, in an attempt to fraudulently acquire your personal information such as your account password or credit card information. An example email from a recent scam can be seen below:
Your account is set up and enables you to purchase and download immediately. You can listen to the music you buy on up to five Macintosh or PC computers, make unlimited playlists, burn CDs, and transfer your music to iPod. Use your new Apple ID for all kinds of Apple purchases — from the newest hardware in the Apple Store online to photo books and prints through iPhoto.
If you would like to find out more about the iPod portable digital music player, visit http://www.apple.com/ipod/ to learn how you can take up to 20000 songs you buy and download with you wherever you go.
For help using the Store, choose Help > iTunes and iTunes Store Help in iTunes. If you have questions about your purchases, click the Account: Sign in button from the iTunes Store navigation bar in iTunes, sign in, and visit your Purchase History page.
If you have forgotten your password or need additional customer service, please visit http://www.apple.com/support/itunes/store/
Thanks for setting up your account!
Sincerely,
The iTunes Store Team
Apple Inc.
|
Apple respects your privacy. |
|
Copyright © 2015 Apple Inc. All rights reserved. |
The link ‘Click here for refund’ leads to the following webpage:
Even more deviously, the links at the top – ‘Store, Mac, iPhone, Watch, iPad, iPod, iTunes, Support’ – have been linked to the official Apple website, causing a false sense of trust for the user:
However the give away on the login page is the URL:
and the url shown before being directed to the login page:
Unfortunately, these scammers are getting better and better at producing material that looks legitimate. In fact, in the above email, the scammers even managed to have their email address as ‘noreply@sales.apple.com‘, consequently signs such as an odd URL may be easy to miss. Therefore we highly recommend you avoid using any links you receive in emails, and instead go directly to the official Apple site from your web browser and log in from there.