Apple Account 'Update to New SSL Servers' Phishing Scam
OutlineEmail purporting to be from Apple claims that the user's online access has been blocked because customers are required to update their information in order to use new ssl servers.
© Depositphotos.com/ panama555
Brief AnalysisThe email is not from Apple. It is a phishing scam designed to trick recipients into giving their Apple account details and other personal and financial information to Internet criminals.
Scroll down to read a detailed analysis with references.
Unfortunately, Your online access has been blocked.
As part of our ongoing commitment to provide the "Best Possible" service and protection to all our customers, we are requiring each Customer to Update their account (s) using the new SSL servers to avoid suspension of you online access. Please Update your online account (s) by clicking bellow account update.
Account Update Process >
This is an automated message. Please do not reply to this email.
According to an email that appears to come from Apple, the recipient's Apple account has been blocked until account information is updated. The email claims that Apple is implementing new SSL servers to increase customer protection and therefore all customers need to update their details or risk suspension of their accounts. The email includes a link to the "account update process".
However, the message is not from Apple and the claim that users must update their details is a lie. Instead, the email is a phishing scam designed to steal Apple ID's and a large amount of other personal and financial information.
Those who fall for the trick and click the update link in the email will be taken to a fake Apple login page as shown in the following screenshot:
After entering their login details, victims will be taken to a second page and asked to supply further details, ostensibly to confirm their Apple ID:
Once victims have filled in the form and clicked the "Update Apple ID" button, they will be redirected to a page on the genuine Apple website.
Alas, while, at this point, victims may remain blissfully unaware that they have been scammed, all of their data may be collected by criminals and used for credit card fraud and identity theft. And the scammers can also hijack Apple accounts belonging to their victims and use them to launch further spam and scam campaigns and conduct other fraudulent activities.
Apple account phishing scams are very common. If you are an Apple user, you should be wary of any message purporting to be from Apple that claims there is an issue with your account that needs to be rectified or you are required to perform an account update.
It is best to login to your Apple accounts via your applications or web browser rather than by clicking a link in an email.
Last updated: January 21, 2014
First published: January 21, 2014
By Brett M. Christensen