Don’t fall for fake iTunes and App Store messages

02 Mar 2018 · Apple, Phishing

by Lisa Vaas

Ever received an email that looks for all the world like it’s from Apple? Like, maybe a receipt from an iTunes purchase that you don’t remember making?

Well, that’s easy to fix, right? Just click on the link to update your account information and…

Ooops! Increasingly, chances are if you click, you wind up being phished.

Phishing scams that pose as official Apple emails are getting more and more sophisticated. On Tuesday, 9to5Mac reported on one recent version: phishing attacks posing as App Store subscription renewal messages.

On Friday, Apple posted a quick guide to help customers tell the difference between phishing emails and legitimate email from its App Store, iTunes Store, iBooks Store or Apple Music.

Apple says that scammy emails often resemble official Apple correspondence – same formatting, same language and same graphics. That includes, for example, the official apple-with-a-bite logo and/or that Apple Music pink and blue eighth note icon.

E-swindlers often try to trick us into sharing our personal or financial information by sending us messages or links to sites that look like they’re from Apple, but which in reality are out to steal our account information. From the iCompany’s post:

Some phishing emails will ask you to click on a link to update your account information. Others might look like a receipt for a purchase in the App Store, iTunes Store, iBooks Store or for Apple Music, that you’re certain you didn’t make.

“Never enter your account information on websites linked from” such messages, Apple said, and “never download or open attachments included within them.”


You might well ask: OK, if I don’t click on that link, how can I correct what I know is a charge I didn’t make?

Easy, Apple says: if you get an email asking you to update your account or payment information, do it directly on your iOS device, under Settings, or do it in the Settings for the iTunes or App Store on your Mac, or in iTunes on a PC.

Ditto for requests to update your password: only do it in Settings on your device or at appleid.apple.com.

It’s great advice, and it echoes that handed out by Staysafeonline.org in the lead up to holiday shopping last year: Stop. Think. Connect.

Naked Security’s Paul Ducklin says you can try the logic on for size:

  • If these messages are true, you don’t need to click – you can just head over to Apple’s website manually, or open the App Store app yourself.
  • If the messages are not true, you don’t want to click, for obvious reasons.
  • Therefore, true or false, your best action is not to click.

Here are some other red flags that can indicate that a phisher is spoofing emails from Apple:

  • Requests for personal information, such as your taxpayer ID/Social Security Number, mother’s maiden name, full credit card number, or your credit card CCV code. Apple never asks for that information to be sent over email.
  • No billing address. Genuine purchase receipts – from purchases in the App Store, iTunes Store, iBooks Store, or Apple Music – include your current billing address, which Apple says scammers are unlikely to have. You can also review your App Store, iTunes Store, iBooks Store or Apple Music purchase history.
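As an added illustration that is not part of the article or of Apple's guidance, the short Python script below turns the red flags above (a request for sensitive data, a "click to update your account" cue, a receipt with no billing address) into a crude triage check run over two constructed sample messages. The sample addresses, the CVV spelling as a variant of CCV, and the exact phrasing patterns are my assumptions; a real mail filter would use far richer signals, but the point is that the indicators the article lists are mechanically checkable.

```python
import email
import re
from email import policy

# Indicators from the article: Apple never asks for these over email.
# The "cvv" variant is an assumption (the article says CCV).
SENSITIVE_DATA = re.compile(
    r"social security number|taxpayer id|mother'?s maiden name|"
    r"full credit card number|\b(ccv|cvv)\b",
    re.I,
)
# "Click on a link to update your account information" cue from Apple's post;
# the window sizes are an assumption.
UPDATE_LINK = re.compile(
    r"(click|tap)\b.{0,60}?\b(update|verify|confirm)\b.{0,60}?\b(account|payment|billing)",
    re.I | re.S,
)
# A genuine receipt carries the customer's billing address; a fake one usually does not.
RECEIPT = re.compile(r"\b(receipt|invoice|subscription renewal|your purchase)\b", re.I)
BILLING_ADDRESS = re.compile(r"\bbill(ed|ing) (to|address)\b", re.I)


def body_text(raw: str) -> str:
    """Return the text body of a raw RFC 822 message, crudely stripping HTML tags."""
    msg = email.message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    if part is None:
        return ""
    return re.sub(r"<[^>]+>", " ", part.get_content())


def red_flags(raw: str) -> list:
    """Return the article's red flags present in the message, in a fixed order."""
    text = body_text(raw)
    flags = []
    if SENSITIVE_DATA.search(text):
        flags.append("requests_sensitive_data")
    if UPDATE_LINK.search(text):
        flags.append("asks_to_update_account_via_link")
    if RECEIPT.search(text) and not BILLING_ADDRESS.search(text):
        flags.append("receipt_without_billing_address")
    return flags


# Constructed sample messages (addresses are placeholders, not real senders).
PHISH = """\
From: "Apple" <billing@example.invalid>
To: you@example.invalid
Subject: Your receipt from Apple
Content-Type: text/plain; charset=utf-8

Your receipt: Apple Music subscription renewal, $9.99.
If you did not make this purchase, click here to update your account
information and confirm your full credit card number and CCV code.
"""

LEGIT = """\
From: "Apple" <no_reply@example.invalid>
To: you@example.invalid
Subject: Your receipt from Apple
Content-Type: text/plain; charset=utf-8

Your receipt: Apple Music, $9.99.
Billed to: A. Customer, 1 Example Street, Sampletown.
Review your purchase history in Settings on your device.
"""

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(name, red_flags(raw))
```

The first sample trips all three flags; the second, which names a billing address and tells the reader to check purchase history in Settings rather than follow a link, trips none. As the article says, the safest response either way is still not to click.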

If you’re thinking, Uh-oh, I think I already fell for something, Apple asks that you report it to reportphishing@apple.com. If you’re on a Mac, forward the email as an attachment from the Message menu.

And if you think you might have entered personal information like a password or credit card info on a scam website, Apple says you should immediately change your Apple ID password.


One comment on “Don’t fall for fake iTunes and App Store messages”

  1. Daniel says:
    March 7, 2018 at 6:11 pm

    I appreciate the detail in this article. Well written and to the point!

    Reply
