FROM THE COMODO LABS: Apple IDs Being Targeted In New Global Phishing Email Scam

November 9, 2015 | By Comodo

The Comodo Antispam Labs (CASL) team has identified a new global phishing threat, targeted at all businesses and consumers who have Apple IDs – a phishing threat designed to try and steal IDs, passwords and credit card information. Apple has reported it has more than 800 million iTunes accounts.*

The “fake Apple” phishing email looks like an official Apple email having the Apple logo and including Apple physical address listed, as well as an email address that looks to be from Apple officials– giving the recipient the illusion of an email being authentic.

The email tells the recipient that there are some limitations on their Apple account and in order to fix it, the recipient must provide some information in the link provided. When the recipient clicks on the link, it takes them to additional pages with a similar Apple look and feel, asking them to verify credit card information and passwords. This is where the cyber thief steals the information.

The Comodo Antispam Labs team identified the Apple phishing email through IP, domain, and URL analysis, and the Labs’ continuous monitoring and scanning of data from the users of Comodo’s internet security systems.

“The Comodo Antispam Lab is an expert resource of engineers and computer science professionals, who use innovative and proprietary Comodo cybersecurity technology to protect and secure the online world,” Fatih Orhan, Director of Technology for Comodo. “We will continue to work diligently in creating and implementing innovative technology solutions that stay a step ahead of the cyber criminals, and keep enterprises and IT environments safe.”

If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact the security consultants at the Comodo Antispam Labs: https://enterprise.comodo.com/contact-us.php

The Comodo Antispam Labs team is made up of more than 35 IT security professionals, ethical hackers, computer scientists and engineers, all full time Comodo employees, analyzing and filtering spam, phishing and malware from across the globe. With offices in the US, Turkey, Ukraine, the Philippines and India, the CASL team analyzes more than 1,000,000 potential pieces of phishing, spam or other malicious/unwanted emails per day, using the insights and findings to secure and protect its current customer base and the at-large public, enterprise and Internet community.

Captured from the Comodo Antispam Labs, screen grabs and information on the Apple phishing emails are below.

*data pulled from Apple Shareholders Call, as reported in Forbes.com: http://www.forbes.com/sites/nigamarora/2014/04/24/seeds-of-apples-new-growth-in-mobile-payments-800-million-itune-accounts/

Phishing Screen Grabs and Information

E-mail Content
From: Apple <verefy@appe.com>
To: *hidden*
Reply To: Apple <verefy@appe.com>
Subject: Verify Your Apple ID – AppleID Support

Phishing Mail

When the recipient hits the “Click Here” link above, it takes them to the following page:

Cyber Security

When the victim enters the Apple ID and password and clicks “Sign In,” it takes the victim to the final page, the key pages for the cyber thief – personal information and then credit card information:

Antispam

Cyber theif

This final page gets the credit card information and once the unknown victim clicks “Validate,” the cyber thief has all of their information in hand.

For the System IT Administrators who think their IT may be susceptible to the fake Apple phishing email, the address, malicious URL, domain and IP address to be aware of is below.

Email From Address: verify@appe.com
Malicious URL inside email: https://srv80.prodns.com.br/~good/my-account/en/
URL Domain : prodns.com.br
IP Address: 192.185.215.210

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>