New iPhone phishing scam involves email sent from Apple servers


In summary:
- Macworld reports on a sophisticated phishing scam in which attackers use legitimate Apple servers to send convincing fake emails from appleid@id.apple.com.
- The scam involves fraudulent purchase alerts directing victims to call fake support numbers, where fraudsters attempt to steal financial information or install remote access software.
- Users should check suspicious emails through official channels, avoid calling numbers provided in emails, and promptly install security updates to protect against these evolving threats.
A new report from BleepingComputer details a phishing scam targeting Apple users. The suspicious emails are actually sent from Apple servers, which makes them convincing and increases the chances that someone will fall for them.
The email appears as an alert indicating that the user’s account has made an iPhone purchase. A phone number is provided so the recipient can call to cancel the order, but the number does not connect to an Apple support call center. Instead, it leads to a threat actor posing as a support person. The recipient is told that their account has been compromised and that they must provide financial information to handle the matter. They may also be asked to install remote access software so that the attacker can access the user’s computer.
According to BleepingComputer, the emails are sent from appleid@id.apple.com; they originate from Apple servers and are not spoofed. It appears that the attackers have created an Apple ID and are sending the phishing emails from that account. BleepingComputer was able to reproduce what it believes to be the method by which attackers create the Apple ID account to make it appear legitimate.
This new method attempts to defeat the most common way of verifying the legitimacy of a suspected scam email: inspecting the sender’s email address. The “@id.apple.com” domain is a legitimate Apple address, which also means that the email headers show legitimate data from Apple servers.
How to protect yourself from phishing emails
This new attack is particularly deceptive because it renders useless a common way to verify legitimacy. It’s important to use several detection methods when you receive a suspicious email and not rely solely on one. You should always check email addresses and sender headers to see if the origin servers are legitimate, but there are other things to check, such as an email’s wording and grammar, and whether the email uses generic or strange-sounding labels to address you. Don’t click on links in unexpected emails.
If you receive an email requesting telephone contact and you can’t resist calling, do not dial the number listed in the email. Go to the company’s website and use the support number provided. Any request from a “support” person to install remote access software is a huge red flag.
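As an added illustration (not code from Macworld or BleepingComputer), the sketch below shows why a message of this kind needs content checks on top of sender checks: it passes SPF, DKIM and DMARC yet still carries the callback-scam markers described above. The sample message, its phone number and the `triage` function are constructed for this example.

```python
import re
from email import message_from_string

# Constructed sample, not a real capture; the phone number is fictional.
SAMPLE = """\
From: Apple <appleid@id.apple.com>
To: user@example.com
Subject: Your purchase confirmation
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=id.apple.com;
 dkim=pass header.d=id.apple.com; dmarc=pass header.from=id.apple.com
Content-Type: text/plain

Dear Customer,
Your Apple ID was used to purchase an iPhone. If you did not place this
order, call support at +1 (555) 010-0199 to cancel.
"""

PHONE_RE = re.compile(r"(?:\+?\d{1,2}[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
CALL_RE = re.compile(r"\b(call|dial|phone|contact)\b", re.I)
GENERIC_RE = re.compile(r"^\s*(dear|hello|hi)\s+(customer|user|client|member)\b",
                        re.I | re.M)

def text_body(msg):
    """Join every text/plain part, decoding any transfer encoding."""
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            parts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(parts)

def triage(raw):
    msg = message_from_string(raw)
    # Authentication-Results is written by the receiving mail server (RFC 8601).
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    body = text_body(msg)
    phones = PHONE_RE.findall(body)
    result = {
        "auth_pass": all(f"{m}=pass" in auth for m in ("spf", "dkim", "dmarc")),
        "phone_numbers": phones,
        "asks_to_call": bool(CALL_RE.search(body)),
        "generic_greeting": bool(GENERIC_RE.search(body)),
    }
    # Passing authentication never clears a message; content decides the verdict.
    callback_lure = bool(phones) and result["asks_to_call"]
    flagged = callback_lure or result["generic_greeting"]
    result["verdict"] = "suspicious" if flagged else "no content flags"
    return result

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A "no content flags" verdict only means these particular heuristics found nothing; it does not mark a message as safe.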
We have more tips for you on how to protect yourself from phishing scams. Apple releases security patches through operating system updates, so it’s important to install them as soon as possible. If you’re using a third-party browser, Macworld has several guides to help you, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and Trojans, and a comparison of Mac security software.




