Threat Management

Phishing campaign exploits fear of stolen iCloud data

A new phishing campaign that plays off Apple users' fears of stolen iCloud data popped up this past week following the compromise that exposed celebrity nude photos.

Symantec researchers noted in a blog post that the email scam disguises itself as a legitimate Apple email that tells victims their iTunes accounts were used to purchase a film on devices that haven't been linked to their Apple IDs. The email also provides the IP address that allegedly made the purchase and which is located in Vogograd, Russia.

At this point, worried victims are told to check their account status by clicking through to a provided link. Although the link takes users to a page that resembles Apple's website, victims who enter their credentials are in actuality turning their Apple IDs over to the attackers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.