“iCloud Mail” phishing emails doing rounds

The latest email phishing campaign targeting Apple users is aimed at gathering as much information as possible from unfortunate victims.

The email, made to look like it comes from Apple, bids targets welcome to iCloud Mail, but warns that the company has been unable to confirm their account information, and that their account has, therefore, been suspended.

iCloud Mail phishing

Users who click on the link offered in the email will land on a well crafted and rather convincing fraudulent Apple login page, Hoax-Slayer warns.

They will be taken through several pages and asked to input their Apple ID and password, payment card information, their address, phone number, date of birth, and finally redirected to Apple’s legitimate website.

Unfortunately for those who fell for the trick, the scammers have all the information they need to take over their Apple account and make purchases through it, but also to attempt to perform identity theft. Finally, the payment card info can be misused to make fraudulent purchases online.

This is not the first time that scammers use fake emails to get to Apple ID login credentials and users’ personal and financial information, and it won’t be the last.

Sadly, there are always new users who have never encountered such a trick and might fall for it. And even savvy but distracted users can occasionally stumble. The day that we see fewer (or none!) of these emails is the day that we could hope that user education is making a dent.