IE 11 is not supported. For an optimal experience visit our site on another browser.

Phishing email seeks Apple billing info

Intego

You won't get an email from Apple asking you to update your billing information. But if you think you got one in recent days, delete it; it's a phishing scam designed to snatch that info from you, and it's definitely not from the Cupertino company.

The "vast phishing attack," as Mac software security firm Intego calls it, began around Christmas Day, and seeks to prey on those who got new Apple gear for the holiday. The spammers don't know whether you did or not; they do know that with Apple products as popular as they were on holiday gift lists, the odds are in their favor of getting some hits on this.

The email's subject line is "Apple update your Billing Information." Says Intego: "These well-crafted emails could fool many new Apple users, especially those who may have found an iPhone, iPod or iMac under their Christmas tree, and set up accounts with the iTunes Store or the Mac App Store for the first time. The messages claim to come from 'appleid@id.apple.com.'" And here's what it says:

Intego

Looks official, right?

Intego says if you click on the link in the message, you'd be taken to a "realistic-looking sign-in page, then, after entering your Apple ID and password, you’ll be taken to a page asking you to update your account profile, notably entering your credit card information. Again, this page looks realistic, and many of the elements it contains are taken from Apple's own Web pages."

But if you moved your cursor over the link in the message and waited for a "tooltip to pop up," you'd see this:

Intego

The URL that's shown is not an apple.com address, Intego says, "but rather a numerical address (we've blurred the first part of the address). At the end of the address is a page called apple.htm, which could fool people, but that’s not what’s important. Always look at the part right after the http:// in the URL: if it's not something.apple.com (it could be www.apple.com, store.apple.com, or something else), then it's bogus."

Thanks to Intego for the heads-up and the reminder that phishing scams may be at their worst during the holidays, but can also proliferate after them, too.

— Via TheNextWeb

Related stories:

Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.