Another Apple update account phishing email
There seems to be no end to the influx of phishing emails. Over the weekend another variation on the theme of update your account emerged. This campaign targets Apple users with an email that says, in effect, that your account details need an update. The email is of course a fake. But it does have a few nasty features, including an html attachment that asks for many personal details and in some cases causes malware to be downloaded.
Figure A shows the email. It is actually a fairly basic email. The subject line of the email reads “incorrect information on your account”. It is all in lower case. The sender of the email is shown as “Apple Support”. There is no branding present in the email. Nor is there any copyright information at the bottom of the email. The email begins “Dear Customer” and ends rather abruptly. The sign-off to the email is simply “Sincerely,”. Attached to the email is an html document called “infirmations.html”. Again, the document is all in lower case, and it is spelt infirmations.html.
The body of the email informs the recipient of a deficiency in their Apple account information. Some of it is “missing or incorrect”, according to the email. The recipient is pressed to update the information, or risk having their Apple account limited. The timeline for updating the information is set at two days. The user is therefore encouraged to download the document and fill in their personal details.
Unfortunately, only a couple of things happen when you download the form and fill out the details. Firstly the details are sent on to criminals who can then steal credit card details and other personal information. Secondly, in some cases, malware is installed on the victim PC, which adds the PC to a botnet.
There are signs this is a fake email. There are no links back to the official Apple site. The email is not personalised. Apple has a page dealing with this type of email phishing scam. Two points on this email are relevant: the email greeting and the attachment. The email greeting should raise suspicions, and the fact there is an attachment should amplify suspicions. If you do receive this email, don’t download the attachment. Delete the email if you receive it.