Phishing email lures users into giving up Apple ID

Share this article:
Apple users who downloaded the free OS X Mavericks update are receiving a phishing email.
Apple users who downloaded the free OS X Mavericks update are receiving a phishing email.

Free is sometimes fishy. In the case of Apple's free OS X Mavericks update, it is also phishy.

Apple users who downloaded their free Mavericks update – the technology giant released the latest version of its OS X operating system, 10.9, for free earlier this week – are reporting they received a fairly authentic-looking follow-up phishing email.

Macworld posted about the circulating email in a Wednesday article.

What may immediately lure people in is that aesthetically the email has the feel of a classic Apple correspondence. Additionally, the subject line reads: ‘Your Apple ID has been frozen temporarily,' which may raise alarms for those recipients only passively glancing through their email.

However, there are telltale signs that will tip off most to this timeless hoax – the most immediate of which is the abundance of spelling and grammatical errors.

However, the most telling indicator that this is a malicious ruse is one that may be overlooked by some of the Apple community. The phishing letter says, “Dear Customer,” instead of using the user's name, as is standard with Apple. 

Although the email comes from “no-reply@apple.com,” at least one variant comes via “jet.websitedns.in,” an Indonesian domain. Furthermore, the ‘Verify Now' link contained within one of the emails, which asks users to click to “restart your information,” redirects to a Thai website that reportedly prompts people to input their Apple data. 

Anyone who falls victim to the scam will have given up his or her Apple ID credentials. It is unclear at this time whether the links contain any malware that is downloaded to the victim's system, which will compromise the user even further.

Community members are urging recipients to report the scams to reportphishing@apple.com.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.