Blocked iTunes Account Warning Email
A blocked iTunes account warning email is attempting to reach inbox’s but has been caught by MailShark spam filters, phishing for your log in information. iTunes is an Apple product that is used to play, download and organise audio and video material. Keep reading to find out more about this phishing scam attempt.
Figure A shows the blocked iTunes account warning email’s contents. It is plainly branded with the Apple logo in the top right corner. The email consists of mostly text and has one main call-to-action to “deblock” your account – notice the use of the word deblock instead of unblock. The Merriam-Webster dictionary defines this word as meaning “to relax or remove monetary restrictions on (as the transfer of bank funds or currency out of a country)” which really has nothing to do with “unblocking” an Apple account.
This email also contains no personal greeting and even the subject line is a giveaway of its true intentions. The subject line reads “✔ [ iTunes ] : Your Account Suspended Please Deblock It . ✉ #Apple = 67571927360090776” which is not something Apple would have sent to their customers. The sender is shown as “Apple Suspend” but the email address used is clearly fake and in no way associated to the official iTunes website. The content states you have 48 hours to confirm your account, which is a tactic to encourage you to click through – doing so will lead you to a malicious phishing website.
Figure B is a safely captured screenshot of the malicious phishing website in question. It is well branded to look like the official log in page. This page wants to trick you into logging in so it can gather and possibly share your data. Clicking anywhere on this webpage will put your computer and personal information at risk so avoid reaching this page at all costs by not clicking any links within the email and deleting it from your inbox.
Phishing emails can be easy to fall for if you are in a rush or stressed about the email’s contents, so take your time to evaluate the email, who it came from, what it wants you to do and look at things like the sender’s email address and the URL of a website. All can be dead giveaways of a scam attempt.