Scam Of The Week: Apple ID Suspension Phish With A Twist



scammers-threatning-users-with-apple-id-suspension-phishing-scam.pngOK, this scam is widespread enough to alert your users about. The email claims to be from Apple Support and both your Apple ID and iCloud are going to be suspended because you did not complete verification on time. With the massive amount of new Apple devices being sold at the moment, this attack may hit many employees.

Supposedly Apple had sent you an earlier email about this but they did not receive a response. The email has a "Verify now" link that allows you to complete the verification process and save your account from suspension. (Yeah, sure). If an employee clicks the link, they land on a bogus Apple login page asking for their credentials. But wait,
there's more!

You will be taken to a second fake page that asks for a large amount of your personal and financial information including credit card and banking details. The page is designed to look like a real Apple webpage and even includes seemingly legitimate information explaining in detail why you need to complete the verification process.

This scam even has retaliation against investigators testing the phish. If you enter false data that includes words such as ‘scam’ into fields on the fake form, your browser will automatically redirect you to a preconfigured Google search for pornography.

I suggest you send the following to all employees, and while you are at it, friends and family will also benefit.

"You need to watch out for a phishing scam that seems to come from Apple. The email is supposedly from Apple Support and they threaten that your account is going to be suspended because you did not reply to an earlier verification email. The phishing email has a link that allows you to "verify now" but if you click the link, you land on a bogus webpage that looks like it's Apple but is a fake, and it tries to manipulate you into giving out your password, credit card and other personal information.

Don't fall for this scam. Always go direct to the website of your vendor and do not click on links in emails that look like they are legit. Think Before You Click!" Happy and Safe Holidays."

Stepping employees through effective security awareness training combined with regular simulated phishing attacks is a must these days. Find out how affordable this is for your organization and be pleasantly surprised.

Get A Quote Now

 




Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews