By Nerino Petro at 17 April, 2017, 9:22 am
According to the good folks over at KnowBe4.com:
The bad guys are targeting Apple users with emails that appear to be coming from Apple and aim to trick unsuspecting users into handing over their personal information. Once the personal information is given, the cybercriminals will have everything they need to steal victim identities or make fraudulent purchases on their credit card.
According to a report from Help Net Security, the malicious email welcomes the recipient to iCloud Mail but tells them that Apple has been unable to confirm their account information. As a result, their “account has been temporarily suspended”. It prompts the user to click on a link to reset their account. Those that fall for the attack land on a fake Apple login page, which asks them to enter their personal information, including their Apple ID and password, credit card info, date of birth, address, and phone number.
The key to avoid falling for this kind of attack is to ALWAYS be on guard online. Do you normally receive emails from Apple at work? If no, this should be your first and biggest red flag.
If you do get an unexpected email, do the following so you don’t become another victim:
- If you ARE NOT an Apple or iCloud user, delete the message or report it to your IT team.
- If you ARE an Apple or iCloud user and believe the email could be legitimate, go directly to Apple’s website to investigate issues with your account. Do NOT click on any links in the email or dial any phone numbers you see.
Remember, Think Before You Click! Let’s stay safe out there.
Stop Look Think – Don't be fooled
The KnowBe4 Security Team
KnowBe4 provides training and other resources to help you and your employees praactice better security. In full disclosure, I am a user and reseller of their products.