Watch Out Folks! There is a new phishing scam is once again targeting owners of Apple products, warns security firm Intego. The attack is said to have begun “on or around” Christmas Day, and involves an email that claims to be from “appleid@id.apple.com” with the subject line “Apple update your Billing Information.” It insists that a person’s billing information is out of date, and that it must be updated or else Apple will delete the associated account. A provided link looks like it should lead to Apple’s online store, but in reality takes you to a fake sign-in page.
Both the sign-in page and the email look realistic at first look. The email, for instance, uses the same silver color scheme as Apple’s website, and formats text in a manner almost identical to Apple’s style. The one surefire way to spot the deception is said to be hovering a cursor over the store.apple.com link, which reveals the actual target URL.
Should a person fall for the scam, the sign-in page initially asks for a person’s Apple ID and password. After going ahead, it then asks for credit card information. Intego notes that the phishing campaign is likely meant to exploit the Christmas holiday, since many new Apple product owners need to set up an iTunes Store or Mac App Store account for the first time.