Go to top of page

Sophisticated Apple ID phishing email “Update your Apple ID account”: SSO Alert Priority High

Priority Level: 
High
21 August 2013

Apple ID account holders targeted by double chance phishing email

Apple ID account holders need to be cautious of a sophisticated phishing camping targeting your Apple ID, personal information and credit card details.

REMEMBER: You will have an Apple ID if you have registered to use iTunes or many other Apple products. You don’t need to own an Apple iPhone or Mac to have an Apple ID.

The phishing email looks official and currently includes the subject line “Update your Apple ID account”. Other known subject lines include: “Please update your Apple ID”, “Please verify the email address accociated [sic] with your Apple ID”, and “Your Apple ID has been Disabled for Security Reasons”. Similar versions could also reference iTunes.

The email includes a link which, when clicked, takes you to a fake, but realistic looking Apple website asking you to sign in to your account.

Fake Apple email including 'Update Now' link

An example of the phishing email: clicking the “Update Now >” link will take you to a fake Apple sign in page

Screen grab of fake Apple sign in page including fields to input Apple ID and Password

The first fake Apple web page

If you enter your account details they are immediately sent to the scammer, however this is a two-stage scam, and once you have entered your Apple ID and password it will continue, taking you on to a second fake page where you are asked for further information including your credit card details.

Screen grab of fake Apple page including fields to input credit card information

The second fake Apple web page, seeking extra information

The fake website has been customised to specifically target Australian Apple ID account holders and features a number of design details tailored to lure Australians, such as a field requesting Medicare Card numbers and Australian flag icons.

Some inconsistencies, such as the request for your “3D Secure” number or the placement of a Discover Credit Card logo (predominately US features), offer clues to suggest this is a fake page.

The most important indication that this is a scam is the assurance from Apple that they will not contact you seeking critical information via an unsolicited email.

If you need to log on to manage your Apple ID account or any other online service, source the website address independently of any such emails and type it directly into your browser.

Avoid phishing emails

Always be suspicious of unsolicited emails.

Do not click links or open attachments unless you are confident about the sender and information the email contains. The best advice is to simply delete the email.

If you are uncertain about the origin of any email you can always cross check the information by going independently to the company’s website or by calling them directly.

Apple customers also have the option of activating two-factor authentication for their Apple account.

More information

Read Stay Smart Online’s advice about avoiding phishing and advice about spam. 

Stay Smart Online has also recently warned of an increase of phishing campaigns targeting Apple customers.

If you believe you have been a victim of a phishing scam, contact your bank and any institution (such as Apple) involved in the scam. Don’t use contact information that could have been provided by the scammers.

We recommend you report all scams to SCAMwatch (the Australian Competition and Consumer Commissioner).

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.

Information provided by ACMA.

ACMA logo

Feedback

Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

Disclaimer

This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.