There is an uptick in the volume of phishing emails allegedly sent on behalf of Apple’s iTunes Store. The threat actors attempt to wheedle personally identifiable information out of recipients by urging them to click on an embedded rogue link. The persuasion effect is attained through a notification about a nonexistent order that the user supposedly needs to pay for. To cancel this order or learn the details, the target visits a bogus page where the identity theft actually takes place.
It’s much easier to manipulate humans than it is to write code for stealing one’s personal data. Moreover, the social engineering route proved to be highly effective. The online crooks know this perfectly well, so they keep coming up with new themes for their tricky phishing campaigns. In one of the recent hoaxes, criminals have been firing trustworthy-looking bulk emails at potential victims. These messages impersonate receipts from the iTunes Store. They look realistic enough for people to get curious at the very least, because the fake receipt letters will contain a made-up order ID, receipt date, order total, and the item name. The idea is to misinform a victim about an item purchase they never made. These are mostly movies or phony Apple music membership subscriptions.
The amount of money purportedly billed is too big for a targeted person to overlook. It may be around $200, so the perplexed recipient will definitely want to sort things out. The whole catch is in the phrase saying that the user can safely ignore this message if they actually made this order. The disclaimer goes on to say, “If this wasn’t you, your account has been compromised,” or a similar statement. Yet another note in the email says that the user will need to provide their billing information to verify that they are the legitimate account holder.
The “Recover Account” button in between these two notes in fine print is definitely a wrong thing to click on. It redirects to an Apple-style account page. To be able to log in, though, the victim will have to enter the Apple ID and password. What actually happens in the background is these details go to a remote attacker. Whoever has your account credentials can access the information stored on your mobile device or Mac box. Even worse, they can remotely lock down your iPhone through the use of the feature called Find My iPhone, and then extort a ransom for unlocking. Another possible upshot is that the rogue landing page will ask you for credit card details to do a refund. One way or another, don’t ever hand over sensitive information in phishing scenarios like this.
Check for viruses related to iTunes Store receipt email scam
In the event you have clicked any links embedded in iTunes Store receipt scam email, chances are your computer has been furtively compromised by malicious code, such as a DNS hijacker or a piece of ransomware. The extermination of malicious entities accompanying this scam can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get probable malware removed from your system.