Soon after news that the OS X Mavericks release was being attacked by phishing scammers, Apple users should once again peruse their emails with a healthy dose of suspicion.
A simple but effective phishing campaign is yet again targeting customers via their email accounts in order to gain access to their private financial and login details.
The subject header seems to be either “Apple ID Information Updated” or “Account Info Change”, with the body text reading similar to the one below:
The following information for your Apple ID [email address removed] was updated on 04/11/2013:
Shipping and/or billing address
If these changes were made in error, or if you believe an unauthorised person accessed your account, please reset your account password immediately by going to [link removed].
To review and update your security settings, sign in to [link removed].
This is an automated message. Please do not reply to this email. If you need additional help, please visit Apple Support.
Apple Customer Support"
The unfortunate souls who take the bait and click the link will find themselves on a bogus Apple login page that takes users on to a form requesting to be filled with account and credit card details.
Needless to say, these details are soon passed on to the phishers who have less-than-savoury intentions.
This is the most recent in a wave of sophisticated phishing attacks targeting multiple websites and services, including last month's attacks on PayPal by phishing scammers.
Increasingly, scammers are using information from social media to more accurately target their strikes, meaning that Facebook and Twitter are fast becoming hackers' secret weapons.