Email claims TomTom navigation app has been bought

Dec 30, 2014 21:30 GMT

A malicious email campaign sends users messages that claim to be from Apple and inform the recipient that an item has been bought from their store; a link is offered to cancel the purchase, leading to a phishing page.

Unlike most Apple-themed phishing attempts, in this case, the perpetrators are not trying to steal the Apple ID of the recipient but to get their hands on banking information that could be used for making online purchases.

Risk of fraudulent online shopping ahead

According to Hoax-Slayer, the email informs the recipient that the TomTom navigation application has been purchased from Apple, but that the process can be reverted by simply accessing the provided link.

Clicking on the URL takes the potential victim to a page impersonating a cancellation form from Apple, asking for sensitive information such as the type of the card owned by the user, the name of the bank that issued it, the number of the card, its expiration date and the CVV (card verification value) code.

Apart from this, personal details that include name, date of birth, billing address, city and postal code appear as mandatory in the fake form.

Armed with all this data, anyone could buy goods online in the name of the legitimate owner. The items are later converted into cash at a fraction of their original value.

Crooks have more lucrative opportunities towards the end of the year

Cybercriminals know all too well that the end of the year is the perfect time to set this type of trap, as plenty of panicked users would rush to stop the alleged transaction from occurring.

They have learned to be more efficient; by acting during this time of the year it is less likely that the victim notices a fraudulent transaction soon enough, given that the holiday season is also when most shopping is done in a year.

Moreover, some of the banks are also on holiday and may not offer the same promptness as usual, which makes reporting the theft more difficult, unless other organizations are ready to receive the complaint.

Any suspicious email should be treated accordingly and users should refrain from complying with its requests. If a link is provided, it is important to check its address in the web browser in order to make sure that it matches the details in the message.

In the case of sensitive information, all reputable vendors, in particular established online services such as Apple’s, deliver the data via encrypted communication. If the HTTPS sign (green lock) is not available in the address bar, the page is most likely part of a scam.