Phishing email lures users into giving up Apple ID

Share this article:
Apple users who downloaded the free OS X Mavericks update are receiving a phishing email.
Apple users who downloaded the free OS X Mavericks update are receiving a phishing email.

Free is sometimes fishy. In the case of Apple's free OS X Mavericks update, it is also phishy.

Apple users who downloaded their free Mavericks update – the technology giant released the latest version of its OS X operating system, 10.9, for free earlier this week – are reporting they received a fairly authentic-looking follow-up phishing email.

Macworld posted about the circulating email in a Wednesday article.

What may immediately lure people in is that aesthetically the email has the feel of a classic Apple correspondence. Additionally, the subject line reads: ‘Your Apple ID has been frozen temporarily,' which may raise alarms for those recipients only passively glancing through their email.

However, there are telltale signs that will tip off most to this timeless hoax – the most immediate of which is the abundance of spelling and grammatical errors.

However, the most telling indicator that this is a malicious ruse is one that may be overlooked by some of the Apple community. The phishing letter says, “Dear Customer,” instead of using the user's name, as is standard with Apple. 

Although the email comes from “no-reply@apple.com,” at least one variant comes via “jet.websitedns.in,” an Indonesian domain. Furthermore, the ‘Verify Now' link contained within one of the emails, which asks users to click to “restart your information,” redirects to a Thai website that reportedly prompts people to input their Apple data. 

Anyone who falls victim to the scam will have given up his or her Apple ID credentials. It is unclear at this time whether the links contain any malware that is downloaded to the victim's system, which will compromise the user even further.

Community members are urging recipients to report the scams to reportphishing@apple.com.

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.