Cybercriminals are targeting Apple device users with a new phishing email. They are using “Your Apple ID is suspended” message, which is very convincing. This phishing attack targets users with an iPhone, iPad, MacBook, iPod, or any other device requiring an Apple ID.
This attack underscores the second Apple ID phishing scam. Previously, there was a scam in which cybercriminals told iPhone users that their iCloud storage was full and offered an upgrade. However, this scam is much more convincing. It is taking when Black Friday is near, and there are over 2 billion active Apple device users, providing a large attack surface.
In this scam, users receive a message with a blue button labelled “Go to Apple ID,” like in real communication with Apple. However, users are redirected to a fraudulent website that steals their username, password, and other details after clicking the link. These emails come from the “@uaepass.ae” domain; however, the real Apple domain is “@email.apple.com.” Such emails also contain unusual phrasing and grammatical mistakes.
Apple Inc. advised that when receiving such fraudulent emails, users must forward them to [email protected]. If they have already entered their details, users must change the Apple Account password immediately. The company also clarified that it would never ask users to log in to a website and ask for personal details.