Phishing Emails from “Apple Billing Information”

Just in time for the proud new owners of holiday-gifted Apple gear to be caught off guard, a phishing scam is making the rounds purporting to be from “Apple Billing Information.” This attack can easily catch newcomers, and a few old-timers too, with its nearly authentic look.

Intego’s “The Mac Security Blog” has identified and documented the phishing scam coming from “[email protected]” that asks recipients to update their information. There are a few hints, however, that this is not a legitimate request.

The first is the poorly-worded subject line, “Apple update your Billing Information.” The second is that the request refers to out-of-date information, which would be odd for someone who had recently set up an account.

Image courtesy “The Mac Security Blog” from Intego

The third is more subtle and involves the web address. First off, it’s asking you to update your “Billing Information” at the store.apple.com address. That address is for shopping, not billing information. And if you hover over the address and wait for the tooltip to appear, the domain shown is numerical even though it does reference Apple elsewhere in the address. Very tricky, but a tip-off nonetheless.

If you click on it, you’ll be asked to log in with your Apple ID and password on a real-enough-looking page. Then, of course, you’ll be asked to update your profile information including credit card data, again on a realistic-looking page.

Image courtesy “The Mac Security Blog” from Intego

This is a very cleverly crafted scam that is sure to catch some people along the way. Make sure you aren’t one and spread the word. If you gifted an Apple product to someone this holiday season, perhaps a brief word of notice could save them a bit of trouble.