With rather apt timing, considering my last post – I had this very convincing email arrive today. Many of you may have received the same one, but it’s a perfect example of what I was talking about – the quality of phishing emails with dodgy links embedded is growing by the week. The scam itself is actually very old, at least three years, yet the format and presentation have improved over the years and it looks much more convincing nowadays.
Here’s the Apple ID email spam I got – the white marks are where my correct email address was inserted.
It’s basically suggesting my Apple/iTunes account has been hacked and that to save it I need to authenticate the password. It looks pretty convincing: the format is nicked entirely from a genuine Apple email. My real email address has been inserted in the text, which makes it look more genuine. The support link is completely correct, so if you clicked it to validate the site you’d come to the real Apple ID support site.
In fact the only thing that is wrong with this email is the link for verifying your account – which takes you here.
Again a genuine-looking page (in fact a direct copy of the Apple ID login screen), just hosted on a very dodgy-sounding domain – www.icloudsecuritydepartment.co. If you proceed you’ll have to supply not only your Apple ID but also credit card information and other personal details. Those will of course end up in the hands of cyber criminals fully able to cause some serious damage to your financial status!
There’s every reason to believe these are going to get better and better in quality, more likely to be specifically targeted (spear phishing) and much more difficult to spot. At the moment the real giveaway is the crappy-sounding domain/URL of the page where you have to type your details in, but there are ways of redirecting these and masking the true destinations.
Basically, never click on a link sent to you in an email, particularly if it asks you to enter any personal details whatsoever. Legitimate companies never send these links, so you should never use them. If you want to visit or log in to a site, then go directly to its URL or use your own link (although I’m waiting for an attack that starts modifying people’s bookmarks!).
If it’s in an email then basically you should be extremely suspicious; look for reasons why it may be false.