Apple last week shared a new support document that's designed to help App Store and iTunes users avoid phishing emails that mimic legitimate emails from Apple.
In the document, Apple outlines techniques to identify an actual App Store or iTunes email, which the company says will always include a current billing address, something scammers are unlikely to have access to.
Apple also says that emails from the App Store, iBooks Store, iTunes Store, or Apple Music will never ask customers to provide details like a Social Security Number, mother's maiden name, a credit card number, or a credit card CCV code.
Apple recommends that customers who receive emails asking them to update their account or payment information do so directly in the Settings app on an iPhone, iPad, or iPod touch, in iTunes or the App Store on a Mac, or in iTunes on a PC rather than through any kind of web interface.
Customers who receive a suspicious email can forward it to reportphishing@apple.com, and any customer who may have entered personal information on a scam website should update their Apple ID password immediately.
Scam and phishing emails like those Apple describes in this support document are not new, but at the current time, there's a new wave of legitimate-looking emails going around that look much like Apple emails that can easily fool customers who don't know what to look for.
Top Rated Comments
Bonus: tell anyone sending html only to not be a muppet, helping the phishers by conditioning users to accepts such emails. Ask them to include the regular plain text body for those who are trying to not be phished.
[doublepost=1519875375][/doublepost] They often do. My spam filter (ASSP) correctly flag all the phishing emails I get as spam. When reviewing stuff in my spambox for false positives, I often take a second look at things that look like they came from Netflix or Apple, only to realize they were correctly flagged. But remember there are a ton of email providers out there with various types and qualities of spam filters.