This latest email scam appears to be a classic example of phishing, also known as brand-spoofing.
(Indianapolis, Ind.) - Attorney General Curtis Hill is advising Hoosiers to beware of fraudulent emails that appear, at first glance, to come from Apple representatives. Scammers are sending the fake emails in attempts to lure unsuspecting victims into providing personal information, such as credit card numbers. The scammers also may be trying to install malware on victims’ computers or devices.
An employee of the Office of the Attorney General received such an email this week. In this latest scam, the sender uses an identity of “Apple ID,” and the email includes the company logo. Upon examining the address from which the email is sent, however, one sees that it is not from Apple.
Recipients of any suspicious email should make sure the sender's address includes the domain name of the company supposedly sending it. Watch for fake emails that include domain names that vary only slightly from those being imitated.
The subject line of the fake email reads, “We Have Disabled Your AppleID.” The body of the e-mail contains a photo of a lock with the words “Account Disabled.” The Apple logo is in the top left corner.
The text of the email, which lacks correct punctuation in places, reads: “Hi Seems like your account has invalid billing information. To make sure that you can get back into your account quickly, easily and securely in the future, update your account information Follow the link below to update your account. (Then the email contains the suspicious link.) If we do not hear from you within 48 hours, any saved accounts and information will be lost! Thanks Apple team”
The link included in the email begins with “http” instead of “https,” which is used for secure websites. Anyone doing business on websites should always make sure a website’s URL begins with “https.”
This latest email scam appears to be a classic example of phishing, also known as brand-spoofing, which is a type of deception designed to steal a consumer’s identity. In a phishing scam, a thief tries to get information such as credit card numbers, passwords, account information or other personal information by convincing consumers to provide it under false pretenses.
Phishing schemes usually come via spam e-mails or pop-up windows. Scammers pose as legitimate companies with which consumers already may do business.
Con artists will continue to develop new and more creative ways to take advantage of consumers online. Attorney General Hill reminds Hoosiers never to respond to requests for personal information via e-mail. If you think an email is legitimate, contact the company by phone or through its website to confirm. Further, never click on links you receive in unsolicited e-mails.
Anyone receiving suspicious emails purporting to come from Apple may forward them to the company at firstname.lastname@example.org.
If you believe you have been the victim of any type of scam or attempted scam, the Office of the Attorney General can help. Go to indianaconsumer.com or call 1-800-382-5516 to file a complaint.