Posted on: 10th April 2017
Have you received the below email, from ‘firstname.lastname@example.org‘ claiming that you need to confirm your apple id details?
The Cyber Security Specialists at Pyranet have confirmed this is a fake.
|From: ID Restore <email@example.com>|
Our records indicate that on 09 – April – 2017 you have not yet updated your Apple ID details.
Under “Know your Customer (KYC)” legislation is required by law to carry out a one time validation of your Apple ID,
Please proceed below to confirm your details : Apple Update
To cancel the deletion of your Apple ID proceed to Apple Update information before the scheduled deletion time.
Your Apple Id will be deleted six hours after this email was sent.
If you see this messages marked as spam, Just select the message and click the Not Spam button that appears at the top and bottom of your current view. Unmarking a message will automatically move it to your inbox.
Copyright © 2016 iTunes S.а r.l. 31-33, rue Sainte Zithe, L-2763 Luxembourg All Rights Reserved.
We would like to confirm that the above e-mail if received should be ignored/deleted as it is a common scam being used to steal/harvest Apple ID details from individuals.
This is a common style of phishing email, using tactics that aim to scare you into handing over your personal information.
Emails like this are created everyday to get people like you and me to give up information that can benefit hackers and con artists, who take advantage of the fact that many of us have Apple ID’s for our iPhones, iPads, iPods and Mac Computers.
We want to brush over a few points on how to spot phishing/spoof emails, for future reference so that you don’t fall victim to scams. We’ve got a more detailed guide here if you’d like to take a look at that.
The top things you should be looking out for are;
In this case, the senders email address is unusual, and not what we would typically expect coming from Apple. Emails from Apple regarding Apple ID, would come from an email address more resembling this, firstname.lastname@example.org. If you ever need to check your Apple ID status or have any concerns, you can easily check this by going on apples website: https://appleid.apple.com.
Typos and language
This is one of the main giveaways as to the legitimacy of an email. Emails coming from reputable companies such as Barclays, HSBC, Amazon, eBay, Apple, Netflix etc would absolutely not contain bad grammar or misspelled words. If you take a closer look at this email, there are a few errors. Firstly, the inconsistent spelling of ‘Apple ID’ plus random capitalisation of letters.
Most phishing emails use scare tactics, because it gets a quick response out of the recipient if they feel threatened or put under pressure. In this example, the threat is that if the recipient does not update their Apple ID in 6 hours that it will be deleted. The email also states that it is ‘required by law’ to get these confirmed details, adding to the fear created.
If you’re ever unsure about the legitimacy of an email, don’t click on any links or attachments within the email or do any of the tasks that the email instructs you to do. More tips here.
Stay safe online!
– The Pyranet Team