AppleID phish, and how to recognize phish messages

My long-time mate Roger Thompson at Thompson Cyber Security Labs has flagged a Pretty good Apple phish worth noting. (Not good in a good way!) Some phishing attacks are laughably amateur, but as Roger says, this one is likely to catch a few people out.

He includes a number of screenshots of an attack aimed at AppleID users: the original email message warns of an ‘issue’ with payment. If you click the link – you know not to click on login links embedded in messages, right?* – it takes you to a pretty good facsimile of the AppleID site.

If you view that screenshot on a small screen like a cellphone, you may not be able to read the URL properly, but a closer look reveals that it’s not, in fact, appleid.apple.com. Be aware, though, that there are ways of spoofing a URL so that it really does look like the real site in the browser.

If you do put in an account name and password, you’re invited to ‘verify’ your account, after which you’re asked for your credit card details. Oops…

Be aware, though, that even campaigns targeting a particular group of potential victims (like users of a specific bank or provider of other services such as Microsoft or Apple) don’t usually rely on a single email message/landing site/, so there will be other messages that look quite different, and which may target users of other services. The trick is to know what scammer tricks to look for whenever you get a message inviting you to login to such services.

Here’s a link to an article – Phish Allergy – Recognizing Phishing Messages – that encapsulates quite a lot of information and advice I’ve put together over the years. (Oddly enough, it seems to have been partly sparked by another spate of phishes targeting Apple users, but the advice is generic and doesn’t seem to have dated particularly.)

*If I may quote from that ESET article: “If you have a pre-existing relationship with the organization, for instance if you already do e-Banking with them, you should already have a standard login procedure: use that rather than responding to a possibly random email.”

David Harley



*** This is a Security Bloggers Network syndicated blog from Mac Virus authored by David Harley. Read the original post at: https://macviruscom.wordpress.com/2018/02/28/appleid-phish-and-how-to-recognize-phish-messages/