Have you received an email which purports to be from Apple, with the subject line “We have temporarily suspended use of this ID”? Chances are that it’s most likely a new phishing scam which aims to harvest your Apple ID credentials and credit card details.
The sender name of the email shows that it’s from Apple, however the email is actually coming from the address ‘support(at)academiapractica(dot)com’, which comes from a server at OVHcloud and is not associated with Apple.The email is entirely plain text, has no Apple branding, and does not greet or address the user. Instead, it begins by warning that the use of the ID has been suspended until activity is verified. The user is then instructed to click some hyperlinked text which reads “Review and verification of account activity” in order to continue using their ID. The fraudster has used a link shortening service to hide the true URL in an effort to make it harder to detect the scam.
Here's what the email looks like:
The user is then taken to a phishing site where they are prompted to enter their Apple ID and password. When they proceed with logging in, their credentials are harvested by the cybercriminal – but the scam doesn’t end there.
When the user proceeds to ‘log in’, they’re redirected a page titled “Payment Verification For Your Apple ID”. The page instructs the user to enter their credit card details and are threatened with the closure of their account if they exit the window.
Although care has been taken to use Apple branding and make the phishing pages look legitimate, you’ll notice in the screenshot below from the URL that the user is not on the authentic Apple website. Additionally, the buttons for ‘month’, ‘year’ and ‘continue’ are written in German which raises further red flags.
If the user provides their credit card details, they’re taken to an “SMS verification” page, where they’re directed to enter a code that’s sent to their mobile.
Brands like Apple are popular targets for impersonation by scammers, due to their enormous customer base and trusted name.
Apple advise their customers to:
- Never share personal information such as credit card numbers, unless you can verify the recipient is who they claim to be.
- Protect your Apple ID. Use two-factor authentication, always keep your contact information secure and up to date, and never share your Apple ID password or verification codes with anyone. Apple never asks for this information to provide support.
And to report any suspicious emails that purport to be from Apple by forwarding them to: reportphishing@apple.com
MailGuard advises all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
Many businesses turn to MailGuard after an incident or a near miss, often as a result of an email similar to the one shown above. If unwanted emails are a problem for your business, don’t wait until it’s too late.
Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.
One email is all that it takes
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.
