Account temporarily locked phishing email
Today’s email phish starts with the subject line “Your Apple Account has been temporarily locked”, and threatens dire consequences if you don’t take measures to rectify the issue within 24 hours. Dire measures such as having your Apple/iCloud account terminated, apparently to “safeguard our system.”
Needless to say, the email is a fake. Figure A shows the email in question. Ostensibly the reason for the email is to inform the user that their Apple ID needs validation. The email goes on to say that the validation is a “security measure” that will “protect your iCloud Account from unapproved use.”
Of course, failure to do as the email says means that you won’t be able to use any of the Apple services, such as iTunes and the App store. And if you don’t carry out the action required of the email within 24 hours, your Apple ID will be locked and possibly terminated.
The email presentation is fairly basic, though there is an Apple icon in the top right hand corner of the email. The sender of the email is listed as “Apple iTunes”, and the sign off is listed as Apple AU Support. A Case support ID is supplied to lend some credence to the idea that this is an authentic issue.
One of the more interesting aspects of the email is the sender. Checking the sender of the email shows an email domain name that is typographically similar to an Apple domain. This type of trick is one that criminals are known to employ.
This particular email is one sample of several Apple related phishing emails stopped by the MailShark email filters over the past few days. Looking further into the email shows a few red flags. The link provided in the email is not to an Apple or Apple associated site. Some of the grammar is fairly poor. The email also lacks personalisation.
Apple have provided guidelines on how to identify legitimate emails. This email is a phishing email. Delete it if you receive it.