Wednesday, 14 May 2014

Fraudulent Apple ID notification spamming Irish emails


ESET Ireland warns of another scam making the rounds in Ireland. A fraudulent notification of a purchase made via Apple ID results in cybercriminals collecting log-in passwords.

While the concept of fake notifications is nothing new, cybercriminals keep coming up with new variations on the old scam. This time the email message, that is being spammed to Irish email addresses, claims your Apple ID has been used for an App Store purchase and that you should “reset your password” if you didn’t make the purchase. The full message reads:

Subject: Your recent download with your Apple ID

From: Apple appxxx@apple-store-co.com

Your Apple ID was just used to download Defender of the Crown from the App Store on a computer or device that had not previously been associated with that Apple ID.

Order Number: RDCSWA281OD
Order total: 12.21 £

If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.

If you did not initiate this download, we recommend that you go to iTunes PaymentCancellation Form to change your password, then

See Apple ID: Tips for protecting the security of your account for further assistance.

Regards,
Apple



Because the victim, of course, didn’t make any purchase, they are lead to believe someone abused their Apple ID and they click on the suggested link to change their password. But the link leads to a faked iTunes site, which harvests passwords, so that the cybercriminals can then actually log into the victim’s account and abuse it.



This scam is clever in that it already acknowledges that people are becoming increasingly suspicious of online fraud and incorporates this into its own scamming strategy. ESET Ireland recommends that every such “confirmation email” you may receive, is treated with scepticism and clicking any links within it should be avoided, as in most cases they lead to faked websites, which may not only harvest your passwords but also try to infect you with drive-by malware.







More info on latest threats: blog.eset.ie