Fraudulent emails in the name of Apple
The Federal Office of Police warns that fraudulent emails are being sent in the name of Apple. Behind it is an alleged order that can be cancelled via a link. However, this link leads to a phishing site.
The victim receives an email with a deceptively genuine invoice from iTunes, as the Fedpol informs us. In one case, it was an alleged purchase of "PokéPièces" worth 39 francs (see illustration). The customer was offered the opportunity to cancel the item via a link. Clicking on this link takes the customer to the phishing page. There, the user is asked to enter his personal data and to press the button "Cancel article". The user is then redirected and asked to enter his Apple ID, as the Fedpol further writes.
In addition to sensitive data such as credit card details, the perpetrators would have the ability to use the Apple ID to access cloud data (files, pictures, etc.) as well as security features (e.g., localization, locking, etc.).
The Federal Office of Police therefore recommends:
- Do not click on recommended links.
- Do not enter personal data.
- Forward the e-mail to www.cybercrime.ch for analysis purposes.
- If data has already been disclosed, contact Apple support to change the credentials.
- The authenticity of the mail can be verified on the real Apple web pages, if necessary.
