Cyber criminals are targeting Apple users with yet another sophisticated phishing scam where users are asked to click a link for payment refund.
This new phishing campaign has been disguised immaculately as an Apple Store refund information email. You will find an email in your mailbox informing you about a particular transaction that has been made in your name.
It further asks that if you did not purchase the said product then to refund the amount you need to click on a link and that’s where the problem starts.
You can identify the phish easily because you obviously did not buy anything for a “CoPilot Premium HD.”
Nonetheless, some innocent users would certainly fall prey to this scam thinking that they did not buy anything like the one mentioned in the email and therefore, they must ask for a refund.
This is the reaction the scammers are expecting from users because they have probably done PHDs in personal behaviors by now and know that people would hurriedly click on the refund button.
So what happens when you click on that link?
Well, you will be redirected by an infected t-shirt website and taken to a fake login page.
The page is located at this address:
aut0carhire(dot)com/index/user12-appleid/index(dot)HTML
You will be asked to enter your Apple ID credentials and then the next form will appear where you will have to add your name, address, DOB and financial details.
At the end of it would be a “cancel transaction” button, which would perform every other function than cancelling the fake transaction.
The result would be many more transactions being made in your name from your account without your knowledge or consent.
If you have received any such email then instead of falling prey to the hackers’ scams, you must think smartly and delete it instantly.
However, if you have somehow become the victim of this scam then immediately contact your bank to cancel the card and keep an eye over payments made from your account.
FOLLOW THESE SIMPLE STEPS TO AVOID YOURSELF FROM GETTING IN TROUBLE:
Don’t open any suspicious or unknown email | Don’t download any attachment from emails sent by unknown senders | Don’t click any link available in unknown email | Do some Google search before opening a suspicious email.
Source: hackread.com
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.