It's time for another phishing attack, and this one uses a sneaky idea.
The latest scam tries to convince you that someone has already hacked your account. For a quick phishing refresher, click here to check out a recent scam that thieves used to try to get their hands on your PayPal account.
Scammers will send you an email with a subject line reading "AppStore Recent Purchase Confirmation." Alarm bells would, naturally, go off on anyone's head. You didn't buy anything, someone must be using your account to buy themselves!
Sophos' Naked Security blog tracked down what the phishing email looked like, and numbered every suspicious part of this email.
Naturally, the email is meant to freak you out. Each red flag, however, should reveal the fake elements that reveal the truth behind the phishing attempt.
Hovering over the "transaction details here" link will direct you to a site completely unrelated to Apple. Hackers can't fake this, and you should always hover over a link before clicking it.
The email addresses will be completely unrelated to official Apple email accounts. Always cross-reference emails like these with other official emails you've received from Apple.
The password field is also totally fake. Apple doesn't actually store your password, and encrypts it into something that even Apple employees can't read. The emails claim that your password is "not displayed for security reasons" is actually a mistake on the fraudster's part.
If you click a link on the fraud email, the site will redirect you here.
You'll immediately notice that the site looks like Apple's official site. The replication has a bunch of glaring mistakes that might not be obvious on first glance.
The site in the URL bar, Naked Security blurred out, will link a site that isn't actually related to Apple. The form also asks for your "credit limit," a question meant to help thieves know how much your card might be worth on the open market.
It also asks for you date of birth and mother's maiden name, presumably for security purposes. The truth is that the scammers are just trying to get more information from you and increase their chances of stealing your information.
Don't let scammers terrify you into giving them your personal information. Always verify an email address before believing fraudulent claims.