As an Apple user, or by coincidence, I received a standard phishing email looking for me to enter my iTunes account information and credit card information because my account will expire. BS. Apple accounts don’t expire and you aren’t sent to a website. This iTunes scam is one of thousands that try to trick you on giving information to thieves when you think you are giving it to legitimate sources.
Remember the rules of emails
- If you don’t know, never, ever, click a link in an email. Period.
- Be suspicious of all emails from everyone, because emails can look like that came from anyone and look like a company page including logos.
- Pick up the phone and call the company to verify an email. Let your account expire, it can always be re-enabled.
Here is the email, looks legit right?
The Update now link takes you to a non-Apple site, first red flag. Another big indicator are spelling mistakes, it’s focused on the United Kingdom although I am not in the UK, and the button is in a different language. Do you think this is legit? No.
Another trick is that other links in the email, the ones that aren’t asking for your information, do link to the actual business websites to trick you to think it’s a valid email. But anyone can link to anything in an email. Don’t be fooled, look at all the pieces.
Spread this around, teach those who are less than technical and stop someone from doing something that will cost them later.
End of line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.