A new phishing campaign that plays off Apple users’ fears of stolen iCloud data popped up this past week following the compromise that exposed celebrity nude photos.
Symantec researchers noted in a blog post that the email scam disguises itself as a legitimate Apple email that tells victims their iTunes accounts were used to purchase a film on devices that haven’t been linked to their Apple IDs. The email also provides the IP address that allegedly made the purchase and which is located in Vogograd, Russia.
At this point, worried victims are told to check their account status by clicking through to a provided link. Although the link takes users to a page that resembles Apple’s website, victims who enter their credentials are in actuality turning their Apple IDs over to the attackers.