“Expired Account” Phishing Scam by Apple?
In a recent report by Brett Christensen of Hoaxslayer.com there has been a new round of phishing scams specifically mentioning Apple as the originator. This scam involves an email purportedly sent by Apple stating to the recipient that their account has expired. They then direct the reader to get more information on the situation by downloading an attached PDF file.
The email body itself is quite simple and will purposely not have any further information. This email is not sent by Apple and is a phishing scam specifically designed to steal financial, personal, and other sensitive data. TSecrime from Twitter has warned followers that the PDF attached contains malware and must not be opened.
However, in the event that the PDF is exported and opened, it is well worth noting that the text on the file will be extremely simplistic. Brett Christensen has posted an image of said file showing its many flaws such as typos and grammatical errors. More importantly, it also details how Apple will suspend the account should the recipient fail to update the account.
In the event that the Update Account button is clicked, this will direct users to a website that very closely resembles the real Apple site. This is where they are encouraged to type in their Apple ID after which they will be informed that the ID is locked and a form will pop-up to gather even more data to supposedly unlock said ID.
This type of scam is not new and Apple Support have dedicated knowledge articles specifically written to help users avoid such scams and giving away sensitive data or infecting their devices.