Apple users are being warned to avoid a devious phishing scam which claims to be a purchase confirmation email from the Apple App Store.
The phishing email, which contains a PDF attachment, requests that the recipient clicks a link to report if the transaction was unauthorised. By clicking on the link, the user is directed to a phishing website that mimics Apple's account management page and requires them to enter a username and password.
Once the details are entered, the user receives an error message stating "This Apple ID has been locked for security reasons. You must unlock your account before signing in.
In order to ‘unlock’ the account, the victim is prompted to enter additional information, including their full name, address, telephone number, payment information and answer a number of security questions. They are then redirected to a page stating that the session has been timed out for security reasons.
With such a wealth of sensitive information now entered into the phishing website, scammers are in a prime position to exploit the data to break into other accounts, attempt to steal identities, hold it for ransom or sell the information on.
With more people than ever getting caught out by phishing scams and clicking on URLs that are designed to steal sensitive information or infect their computer with malware, there are a number of simple ways to protect yourself and your business from phishing.
Our award winning MetaPhish platform provides a powerful defence against phishing and ransomware attacks by training employees how to identify and respond appropriately to these threats.It has helped protect organisations across the world from this ongoing threat and provides the first line of defence against phishing attacks.