The Mac Security blog reports that a large of Apple customers have received fraudulent emails, which is disguised as an official email from Apple with the subject “Apple update your Billing Information” requesting users to update their billing information.
The Mac Security blog reports that the phishing scam is targeted at customers who may have bought a new Mac, iPhone or other Apple products during the Christmas shopping season:
A vast phishing attack has broken out, beginning on or around Christmas day, with e-mails being sent with the subject “Apple update your Billing Information.” These well-crafted e-mails could fool many new Apple users, especially those who may have found an iPhone, iPod or iMac under their Christmas tree, and set up accounts with the iTunes Store or the Mac App Store for the first time. The messages claim to come from “firstname.lastname@example.org.”
Here’s a copy of the email that is sent out to users:
While the email states that the link is for http://store.apple.com, if you hover over the link, you’ll notice that it points to a fake Apple website, which hosts a realistic looking login page to fool people in to entering their login details.
Please be extremely careful. Apple has a good knowledge base article (link) about how to identify such fraudulent phishing emails, please don’t forget to read it and also pass it to your friends and family.
[via The Mac Security Blog]