Online crooks are taking advantage of iPhone and iPad owners with a new, ingeniously timed phishing campaign designed to scare them into giving up personal information.
The scam emails, spotted by researchers at the security firm F-Secure, appear to be from the "Apple AppStore," with a message informing the recipient that their app order "has been successfully cancelled." Users are directed to click on a link titled "order information," to get to the bottom of the problem.
The link, of course, is malicious, and takes you to a drugstore website, F-Secure warns.
The true danger of this scam, however, is its cunning timing: the phony Apple AppStore message appears in email inboxes immediately after you purchase an app from Apple's legitimate App Store. F-Secure is not sure how the scammers know you just bought something from the App Store. [The Era of Mac Malware Immunity Is Over]
While landing on a pharmaceutical site may be nothing more than an inconvenience, if the phishers behind this plot were to reconfigure the corrupted link to direct traffic to a phony Apple Web page, it's possible even the savviest Apple customers could become unwilling victims of identity theft.