Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishing Scam Lures with Genuine-Appearing Apple Login Site

The institute that monitors malevolent operations online, SANS Internet Storm Center warns of one fresh phishing e-mail campaign that utilizes genuine-appearing Apple login web-page so as for tricking unwitting Apple customers, published threatpost.com dated March 28, 2014.

SANS ISC explains that the phishing campaign works in an essentially sophisticated manner, as it utilizes a JavaScript code, which poses as an attempt for substantiating the legitimacy of Apple IDs that are typed inside the malevolent spaces. This implies that incase an end-user becomes convinced of the trick, however, types in invalid Apple IDs, he'll get prompted to re-check the ID he has entered.

The attackers within the current instance use a malicious domain namely appleidconfirm[dot]net.

It isn't known for sure if they're able to differentiate between the real e-mail addresses of Apple ID and those that don't exist at all. Nevertheless, if the victim typed in credentials that are regarded as valid then he'll get diverted onto the domain-name having a /?2 suffix that's the malevolent site's another section.

In this phase of the attack, all personal details are cleverly extracted regarding the account-owner that might help the attackers modify the particular account alternatively, grab identification details of the victim. Following the submission of valuable personal information, the next step is revealing of the victim's payment card details, states SANS ISC.

The victim is tricked to solely give out an authentic MasterCard, Visa, Discover or American Express card detail so he may land on the /?3 site recognized as the "Success" web-page.

Eventually, with the lapse of merely 2 seconds there, a diversion occurs towards the actual Apple website by when the victim might've unknowingly revealed his entire private information helpful in exploiting him while he remains unaware of all that happened.

SANS ISC observes that the phishing scam is an utterly cunning scheme, which the fraudsters have designed.

Meanwhile, closely before the current phishing scam, there was another, which hit Apple's patrons. In that, bogus e-mails spoofed as being sent from informs@apple.com while displaying a caption "Apple is rewarding its long-term customers" got detected at Kaspersky Labs the security company during the 1st-week of March 2014.

ยป SPAMfighter News - 4/4/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page