Wednesday 4 February 2015

Yet another phishing email

I've received a number of emails in the last 48 hours, each apparently from Apple suggesting that:
"This is the final email to inform you as of 03 - February - 2015 that you have not yet updated your account information. Under "Know your Customer" legislation Apple is required to perform a verification of your account, failure to do so will result in account termination in less than 48 hours.

To stop the termination of your Apple and iCloud please validate your account information before the deadline."
Each had a link encouraging me to "Verify your iTunes Profile". However instead of linking to an Apple web site they all went elsewhere.

One went to "kycprofileupdate.eu", certainly not an Apple site and a domain that was only registered yesterday:


The other went to "iapplemessagecentre.com", also nothing to do with Apple and also registered yesterday:

Another went to "applekeyassist.net", yet again, nothing to do with Apple and only registered earlier today.


All of the links redirected me to a VERY impressive copy of an Apple web site where you would enter your Apple ID and password:


When you enter these details (I entered a fake ID and a rather rude password that suggested a close relationship between scammers and farm animals) you are then redirected to a Google page and this is the clever bit. The Google page you visit has already done a search for:


Anyone's first reaction to seeing that is going to be shock, followed closely by horror that the internet will think you've been search for child pornography. That's almost certainly going to make you overlook the fact that you just gave away your Apple ID and password and before you know it your profile will have been compromised.

This is nothing to do with Apple of course, the target could just as easily be your Gmail, Yahoo or Hotmail account.

The lesson is simple. Don't click on links in emails unless you either trust the person who sent it or you look very carefully at where the link will take you.

No comments: