Crooks Target Apple Users with ‘Apple ID Expiration’ Phishing Scam

Apple users have always remained under the hammer of scammers and cyber criminals. Probably these malicious actors envy Apple users a lot and thus, keep launching new waves of phishing campaigns every now and then.

In the latest scam, cybercriminals have initiated another phishing campaign to acquire Apple IDs and Passwords through sending out unsolicited text messages. The message informs users that their Apple IDs are nearing expiration and in order to renew their accounts they need to provide their original credentials at a site. The message also contains the URL link to that website.

Never click on unknown links you receive on your email or phone

This scam is similar to the one launched by cyber criminals in December 2015 tricking users into sending their iCloud login data to avoid supposed Apple ID suspension.

According to Graham Cluey, a security expert, this website where users are directed to log in appears similar to Apple’s official website but it is definitely fake and when the user provides credentials another message pops-up. In the second message, the user is told that the account has been blocked due to “security reasons.” Then the user is informed that a new link needs to be checked to unblock the account. No matter what credentials the user enters, the same message appears every time.

Screenshot shows users receiving fake text message from scammers / Image Via Graham Cluey
Apple Users Your Payment Info Can Be Swiped By This New Phishing Scam A Compromised .GOV URL Hosting Phishing Attacks on Apple Users

This new page requires visitors to provide personal information such as mother’s maiden name, pet name and of course, the much-needed credit card details.

HackRead suggests that users must not download apps from unauthentic sources and if they do then they must especially pay attention to the permissions that an app requests for prior to downloading. Users also should keep modifying their usernames and passwords and if they suspect that their accounts have been compromised then they must report about it immediately. Needless to say that every user must ignore emails that asks for private details and financial information.

Related Posts