Earlier this year, we reported about an Apple Store Phishing email regarding a DJI-SPARK by Fly Drone purchase. Today, we got a new iCloud ServiceID phishing email, and this time it was even more dangerous.
Look at the screenshot above, it is quite convincing isn’t it? It says the email is from firstname.lastname@example.org and has the name iCloud ServiceID. The subject of the email was captioned:
RE: [ ID – # -238465 ] [ News Summary Report ] The following changes to your Apple ID, ware made on (July, 15 2018 ). [Support]
There are a few things which clearly indicate this is a scam email. First is the word “RE:” which means “Reply”. Secondly, the phrase “News Summary Report”. Uh, what? Thirdly, we have the words “ware made on”. It’s were not ware. These scammers will never learn.
The iCloud ServiceID phishing email contained a single PDF file, which no doubt contains some sort of malware or ransomware. We didn’t download it of course.
The sender’s email address was the most alarming factor here “email@example.com”. Any user who only reads that, would probably panic and download the PDF, and let’s just say it would be a disaster. We decided to open the mail on our PC, and guess what the real sender’s email address was?
This wasn’t visible on the mobile app by default, you have to tap the sender’s email address to view the id, and even then it won’t be shown completely. You have to tap the name to view the name. How many people do that?
And wow, talk about typos, the email address has some too. No replay is no reply, and statment is obviously statement.
Anyway, if you get a similar iCloud ServiceID phishing email, do not open it. Just forward the email to firstname.lastname@example.org and delete it from your inbox. You may want to change your Apple id’s password just to be safe.