A new phishing scam campaign has been appearing in Apple users’ inboxes, which take the form of a warning message saying that the user’s account has been frozen, Hoax-Slayer has reported.
According to the scam e-mail, if the recipient opens the file attached to the message he or she will validate the account information and if this is not done the account will remain frozen. Needless to say, the account is not actually frozen; in fact the message is the work of cyber criminals who plan to steal the recipient’s personal and banking information.
If the unfortunate recipient opens the attached file, a malicious Apple account login page will open in the browser, where once the user is logged in, a second form (again fake) will appear asking the user for identifying data and credit card information.
After “verifying” those details on the second form, the recipient will be taken to the legitimate Apple website, leaving the user in a state of blissful unawareness, while in the meantime the information is in the hands of cyber criminals.
By using this sensitive information, fraudsters can steal the user’s identity, commit credit card fraud and hack the real Apple account.
Cyber criminals often use e-mail attachments such as this, which in most cases take the recipient to fake websites that appear to be legitimate.
Users should know that legitimate companies, Apple included, will never ask their customers to provide any sensitive information – financial, personal or other, via an unsecured HTML form attached in an email.