Summary created by Smart Answers AI
In summary:
- Macworld reports on a sophisticated phishing scam where attackers use legitimate Apple servers to send convincing fake emails from [email protected].
- The scam involves fraudulent purchase alerts directing victims to call fake support numbers, where scammers attempt to steal financial information or install remote access software.
- Users should verify suspicious emails through official channels, avoid calling numbers provided in emails, and install security updates promptly to protect against these evolving threats.
A new report from BleepingComputer details a phishing scam targeting Apple users. The suspicious emails are actually sent from Apple servers, making them seem convincing and increasing the chances of someone falling for them.
The email poses as an alert that the user’s account has made an iPhone purchase. A phone number is provided for the recipient to call to cancel the order, but the number does not dial an Apple support call center. Instead, it leads to the threat agent who poses as a support person. The recipient is told that their account has been compromised and that they need to provide financial information to handle the matter. They may also be instructed to install remote access software so the attacker can gain access to the user’s computer.
According to BleepingComputer, the emails are being sent from [email protected], which originates from Apple servers and is not spoofed. It appears that the threat agents have created an Apple ID and are sending phishing emails from the account. BleepingComputer was able to replicate what it believes is the method in which the attackers create the Apple ID account to make it appear legitimate.
This new method is an attempt to thwart the most common way to check the legitimacy of a suspected scam email by inspecting the sender’s email address. The “@id.apple.com” is a legitimate Apple address, which also means the email headers that are used display legitimate data from Apple servers.
How to protect yourself from phishing emails
This new attack is especially deceptive because it renders useless a common way to check for legitimacy. It’s important to use different detection methods when you get a suspicious email and not just rely on one method. You should still check sender email addresses and headers to see if the originating servers are legitimate, but there are others things to check, such as the wording and grammar of an email, and whether the email users generic, odd-sounding labels to identify you. Don’t click on links in unexpected emails.
If you get an email that requests phone contact and you can’t resist the urge to call, don’t dial the number in the email. Go to the company’s website and use the listed support number. Any demnd by a “support” person to install remote access software is a huge red flag.
We have more tips on how to protect yourself from phishing scams. Apple releases security patches through OS updates, so installing them as soon as possible is important. If you use a third-party browser, Macworld has several guides to help, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and trojans, and a comparison of Mac security software.
