It’s one of those issues we all dread: waking up to an email telling you that your Apple account risks termination. But fear not; this latest email is not a genuine email from Apple. It is another phishing email.

We have reproduced the email as Figure A. There is no Apple branding or logos used, apart from the background pane. The email greeting is “Dear Customer”. The subject line of the email is “Your Account Will Be Limited Please Update It”. The sender of the email lists “Apple Inc”. Checking the actual email shows the email domain as “ap-ple”. This is designed to trick people.

There are two links in the email. One is to the genuine Apple site, and is located towards the bottom of the email. The second is located in the middle of the email, and is a link to a malicious site. The text of the malicious link is “Verify Now”. Usage of a mixture of genuine and malicious links is becoming a common practice as phishing emails attempt to evade detection.

Figure A – Click to Enlarge

The email does brandish an admonishing finger at the user in its wording. The opening line of “you’ve placed your Apple ID under the risk of termination by not keeping your information up to date” is a call to action. Of course, this is the impression the crafter of the email wanted to give. The email goes further. The second stanza informs the user that when they don’t update their details, Apple will send “verification emails”. The email states that you will need to click on a link in the email to proceed with verification.

There are several signs that this email is bogus. For one thing, the email greeting is generic. Another sign is the poor grammar of the email. Finally, the link that the email requests you to click links back to a malicious site that is a crude copy of the genuine Apple site. Delete this email if you receive it.

