Two more Apple phishing emails
Two more phishing emails targeting Apple users have been stopped by our anti-spam filters this week. Both are about the same level of complexity, and both play on people’s fears about internet security.
Figure A shows the first email. This one is supposedly from Apple Support, and informs the user that their account has been locked. The reason given is that suspicious activity has been detected. The recipient is told that they need to update their personal details and is supplied with a link to do so.
The subject line of the email reads “Update your account within 24 hours”, whilst the sender is listed as “Support Apple”. A link in the body of the email is supposedly there to let the user log in to Apple easily; however, mousing over it reveals that it points to a phishing site.
There are other signs that this email is not legitimate. The email is not personalised; Apple always personalise emails. There are several links supplied in the email; none of them point to a legitimate Apple site. Finally, the sender’s address is not on an Apple domain.
The second email is shown in Figure B. This one pursues a similar theme to the previous email: your Apple ID is locked, so you need to log in to resolve the issue.
The subject line of the email is “Your Apple Account”, whilst the sender is “Apple iTunes”. The criminals have included a link in the email to enable the recipient to log in to “re-enable” their Apple ID.
Mousing over the link provided in the email shows a long URL that uses “apple” three times, “app” twice, “iTunes” once and “verify1” once. This is a further attempt to trick users, as it lends an air of legitimacy to the link.
The email domain name is also very similar to an Apple domain name; again, this is designed to try to further fool users.
Despite the added trickery, the content of the email rather lets the deception down. The grammar is quite poor and the salutation is not personalised. Neither of the two emails has much in the way of realistic Apple logos or branding. Perhaps the criminals felt that the fake domain names would be sufficient to lure users into clicking.
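The checks described above (does the link really go to an Apple domain, does the sender's domain match the display name, and how many brand words are stuffed into a non-Apple URL) can be automated. The following Python sketch is an added example, not code from our filters; the allowlist, function names and sample values are assumptions, and the sample sender and link are constructed stand-ins rather than the real phishing values.

```python
import re
from collections import Counter
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely Apple-owned for this illustration.
APPLE_DOMAINS = {"apple.com", "icloud.com"}
# Brand-flavoured words the article saw stuffed into the lookalike URL.
BAIT_WORDS = {"apple", "app", "itunes", "verify1"}


def is_apple_host(host):
    """True only if host is an allowlisted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in APPLE_DOMAINS)


def bait_word_counts(url):
    """Count bait words appearing as whole tokens in the URL's host and path."""
    parts = urlsplit(url)
    tokens = re.split(r"[^a-z0-9]+", ((parts.hostname or "") + parts.path).lower())
    return Counter(t for t in tokens if t in BAIT_WORDS)


def assess(from_header, link):
    """Return the list of warning signs for one sender/link pair."""
    findings = []
    display, address = parseaddr(from_header)
    sender_domain = address.rpartition("@")[2]
    if "apple" in display.lower() and not is_apple_host(sender_domain):
        findings.append("display name claims Apple, sender domain is " + sender_domain)
    host = urlsplit(link).hostname
    if not is_apple_host(host):
        findings.append("link host is not an Apple domain: " + str(host))
        counts = bait_word_counts(link)
        if counts:
            findings.append("brand words in non-Apple URL: " + str(dict(counts)))
    return findings


# Constructed samples (not the real phishing values), shaped like the second email.
SAMPLE_FROM = '"Apple iTunes" <noreply@apple-id-support.example>'
SAMPLE_LINK = "http://apple.app.verify1.lookalike.example/apple/itunes/app/apple"

if __name__ == "__main__":
    for finding in assess(SAMPLE_FROM, SAMPLE_LINK):
        print(finding)
```

Note that the host comparison is done on the full dotted suffix, so a host that merely begins with or contains “apple.com” does not pass.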
If you receive either of these emails, delete them.
Have a Happy Christmas and a safe New Year.