According to Intego’s Mac Security Blog, scammers are going after Apple users, trying to get their billing information. It’s probably a hot time of year for these phishing attacks, since a lot of people probably got new Apple products for Christmas.
The attack started on Christmas day and have the subject line:
Apple update your Billing Information.
F**k it, we'll do it live!
Our biggest ever edition of TNW Conference is fast approaching! Join 10,000 tech leaders this May in Amsterdam.
Of course, whenever you get an email asking you to update your billing information, it’s probably a fake. That’s not to say that this attack won’t be successful, with a lot of new Apple customers seeing the email. Apple only asks you to update your account billing in its store and on one of its devices when making a purchase.
This is what the rest of the email looks like:
The email looks legit enough at first glance, but the link that’s in it goes to a random site that isn’t owned by Apple:
This is a common phishing scam which seems obviously fake, but when you take the context and timing of Christmas into account, this attack can be quite successful at massive scale. Imagine your mom using a new MacBook and getting this email today, it might make perfect sense to her that Apple is reaching out, since she just got the new machine.
If you’ve gotten a new Apple product or know someone who did, beware of this scam and remember that your billing information should be guarded with your life.