19 Oct 2012

New Phishing Scam Steals Apple IDs


New phishing campaign informs Apple users that their Apple ID has been cancelled after an attempt to access their account from an unauthorized IP address.

The attackers are in fact phishing for gadget owners’ critical information. The message - disguised as an official Apple ID cancellation announcement - invites victims to access a given link and validate their identity. This procedure is supposed to be strictly necessary as their account needed to be deactivated for security reasons.

By accessing the link and typing in the log-in critical data, the Apple ID owners are in fact tricked into handing over the identification information to their Apple accounts. Attackers included in the message body a link towards a spoofed Apple’s ID website.

Researchers at Websense who stumbled on this scam told spamfighter.com that they “were able to trace the assault's source and found that it was a certain Internet Protocol address that hosted more phishing domains as well as service providers.”

Only a month back, Bitdefender stumbled on a similar campaign where the message mislead users into believing they needed to reset their account password. That message included three links towards fake Apple support webpages specially created by crooks to gather account IDs and passwords from unsuspecting users.

The Apple ID is for the Apple customer the virtual key to a series of services and option which would allow an attacker to buy applications at the victim’s expense or access data in the iCloud, for starters. For more information on the dangers of this scam, please check HotForSecurity.com