Dec 5 / Admin

New Scam Alert: Consumers’ Favorite Cyber Deal: Apple Email Attack

Armorblox reported: 

Attackers crafted the targeted email in order to convince recipients that they were receiving a legitimate email communication from the brand Apple, Inc. With the subject of the email reading:

We’ve suspended your access to apple services

It is clear the attacker’s intention was to establish a sense of urgency in order for the email to be opened. Once opened, unsuspecting victims were met with minimalist email (black with white text) informing recipients that validation of the card associated with his or her apple account failed to validate. The consequence was clear – access to services that use the account would be lost.

This fake landing page includes language around why the unsuspecting victim was navigated to this page – an automatic process to validate the visitor’s human identity. CAPTCHA tests are commonly used to tell humans and computers apart, an unsuspecting victim who had navigated to this page would have seen this as just another layer of security that he or she believed Apple, Inc. had instilled. Unfortunately, victims who inputted the simple 4-digit code were then navigated to a login page with the goal to exfiltrate sensitive user credentials. 

Find out more with the original article here.

Enroll in Training Sessions:  Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
* indicates required