iTunes phishing email threatens suspension
It’s been awhile since we observed a phishing email campaign targeting iTunes users, or Apple users in general. This lull has been broken with the latest iTunes phishing email. This one threatens account suspension. Luckily, the email provides a link to click on that will resolve the issue (or so the email says). It’s all a scam, of course.
Actually, it’s hard to know what to make of this email. We have, as always, provided a screenshot as Figure A. The email does use a small Apple icon. The subject line is “Your account will be suspended”. The sender of the email is the “itunes security team”. The email greets you with a “Dear Customer” and signs off with a copyright notice. The address in Luxembourg is genuine; Apple uses this for various iTunes emails and websites. A single link is contained in the email. The link uses the anchor text “Verify your account”.
The reason for the email is because the recipient’s iTunes account has been used for fraud. The email goes on to say that the user’s iTunes account will be suspended. The user can lift the account suspension by clicking on the link and supplying account details. Apart from that, there is not much else to this email.
This email is itself a fraud. The first two sentences tend to give away that this email is not from Apple. The wording of the sentences is quite poor. The greeting is another sign. Apple use the name of the person in which an account is held, rather than a generic “Dear Customer”. Finally, mousing over the link shows that it does not lead to apple. We checked, and it leads to a phishing site. Whilst the phishing site looks like an Apple site, it is not genuine. The phishing site is designed to steal the user’s credit card details. Once again, delete this email. It is a fake.
Apple has a page dealing with phishing attempts such as these.