Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

New Apple ID Phishing Effort Compromises Over 100 Sites

As highlighted by The Next Web, security firm Trend Micro yesterday outlined a new phishing scam that has seen the perpetrators compromise over 100 sites in their attempts to gain access to users' Apple ID accounts. While Apple IDs are relatively popular targets for phishing scams, Trend Micro's analysis offers some interesting detail on the approaches used by the criminals.
We’ve identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned. [...]

We’ve seen attacks targeting not only American users, but also British and French users. Some versions of this attack ask not only for the user’s Apple ID login credentials, but also their billing address and other personal and credit card information. It will eventually result in a page that states that access has been restored, but of course the information has been stolen.
Trend Micro's sample of a spam message designed to trick recipients into sharing their account information at the compromised sites shows a very poor attempt at copying Apple's email style, but inexperienced Internet users are undoubtedly still falling for the scheme.

apple_id_phish
Trend Micro offers a number of suggestions to help users protect themselves from phishing scams, including checking for consistent domains throughout email addresses and links included in an email and checking for indicators that the user is at a secure site associated with the correct company.

While phishing scams rely on the gullibility of users to direct them to fake account management sites, Apple has sought to increase account security on its own site with its recent introduction of two-step verification to help minimize the possibility of an unauthorized party gaining access to a user's account. That feature is, however, only available in a handful of countries for the time being.

Top Rated Comments

(View all)

13 months ago
If any of you fall for that email, raise your hand and hit yourself with it.
Rating: 32 Positives
13 months ago
Why you email he sent, indeed.
Rating: 27 Positives
13 months ago
Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt. By the way "inexperienced internet users" is irrelevant. The broken English and crazy wording should have been enough of a tip to ANY sensible person.
Rating: 25 Positives
13 months ago
That email true is. They fix helped me my Loging correctly. You should send infos by next 48 hours!
Rating: 10 Positives
13 months ago

Why you email he sent?


Yay, better enter my Apple ID.
Rating: 8 Positives
13 months ago
Tim Cook is a supply chain and operations guy, not an English professor. He probably needed to quickly get this e-mail out to let the users know.

I, for one, am glad that I got this and was quickly able to get my security credentials in order. We'll see how much you are all laughing when your Apple IDs get closed down.
Rating: 8 Positives
13 months ago

Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt.


It is bloody hilarious that the Apple-Logo not even has the right aspect ratio, let alone proper use of upper- and lowercase.

For reference: :apple:

Who falls for this?
Rating: 7 Positives
13 months ago
These things mostly seem to have really terrible grammar. So easy to spot I would think.
Rating: 7 Positives
13 months ago
Read before you click? I mean, come on, seriously?
Rating: 6 Positives
13 months ago

Why you email he sent, indeed.



Oh come on people, of course this is real....I'd answer an email from Yoda's retarded cousin any day of the week and give them whatever they ask for!
Rating: 6 Positives

[ Read All Comments ]