Email contains phishing scam, not iPhone 5S

Share this article:

A new phishing email circulating the globe is preying on Apple fans who are eager to get their hands on the coming iPhone 5S and iPhone 5C devices, which were recently announced on Tuesday.

Considering the quality of the English in the phishing email – which was sent to “Recipients” and claims to come from the Apple Store – it is no surprise that the scam has not yet had a tremendous impact.  

“Your email has Won the latest IPHONE5s Smart Phone & IPAD Promotional Events Held last week to claim your items, please Click on Online Catalog trade link and fill in with your correct email & password information's,” the body of the email reads, additionally containing an Apple-related signature and link.

Recipients are required to click on the link to claim their prizes, but doing so will route them to a dubious website that asks for their email address and password.

To the untrained eye, it may seem like the email and password is needed to validate the prize winner, but entering the information into the website will only send it to the scammers, who can then use the information for any number of things, including spamming.

“The most important thing to know is: ‘if it's too good to be true, it probably is,'” wrote Merianne Polintan, anti-spam research engineer with Japanese security software company Trend Micro, in a post announcing the scam. “Feedback provided by the Smart Protection Network indicates that this mail is particularly effective in targeting Southeast Asian users.”

Malaysia has by far been the number one most affected country in this campaign, according to a graph by Trend Micro (above). The phishing email has also claimed victims in Singapore, Germany, Japan and Taiwan.

Share this article:

Sign up to our newsletters

More in News

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

Tech manufacturer's online payment system breached

LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.

The Heartbleed bug works, and could be a scapegoat for older breaches

The Heartbleed bug works, and could be a ...

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached ...