Identity Theft Protection Blog

By the AllClear ID Team

Vanessa here from  AllClear ID. Got a new iPad, iPhone, or other Apple gizmo? A new phishing scam is targeting you.

According to the Mac Security Blog, cyber thieves are sending around an official-looking email asking Apple users to update their billing information. The targets: new Apple users who are just setting up their accounts and may be unfamiliar with the Apple system.

The email looks legit because it has elements taken directly from Apple’s website, including the logo and the copyright information. It reads:

“It has come to our attention that your account Billing Information records are out of date. That requires you to update your Billing Information. Failure to update your records will result in account termination.”

A link at the bottom, which poses as “http://store.apple.com,” is actually a link to the cyber criminal’s servers. Once clicked, you’ll be led to an Apple ID sign-in page which looks very similar to Apple’s actual sign-in. This is where they capture your login credentials to access your account in the future. After a successful “login,” you’re then prompted with fields such as name, a second field for Apple ID and password.

Avoid this scam and similar ones by making sure you know what you are clicking on before you actually do so: Hover over the link to see the actual URL you are about to access. As the Mac Security Blog notes, all Apple URLs will be the formation of something.apple.com.

Better yet, as CNET recommends, don’t click on any e-mail link. Instead, go directly to the company website and use the resources there to update your account or access the features requested via e-mail.

Want to learn more about phishing and how to avoid becoming a victim? Check out the phishing section of the AllClear ID blog.

Views expressed are the personal views of the author, and do not represent the views of the National Foundation for Credit Counseling, its employees, its members, or its clients.