Attention: Fake Apple email: Your Apple ID has been updated

As our cooperation partner Watchlist-Internet reports, fake Apple emails are currently being sent!

In a fake Apple message, criminals claim that a customer's password has been changed. For this reason, they should disclose personal information on a website and thereby undo the unwanted change. In reality, disclosing the data means that criminals have access to it.

Criminals want to steal customer access data using fake company messages. They cite a made-up reason that supposedly makes it necessary for recipients to disclose personal information. The made-up reason could be, for example, a suspicious password change or a system update. In order for the perpetrators to complete the data theft, customers should access a fake company website and provide their access or bank details there. The personal information goes directly to the criminals. This makes it possible for them to access someone else's account and commit crimes under someone else's name.

Subject: Your Apple ID information has been updated.

Internet users are currently receiving a fake Apple email with the subject “Your Apple ID information has been updated.” Unknown people claim that third parties have changed the Apple ID access data. Customers should reverse the change by disclosing personal data:

Sender: Apple < [email protected] >

Hello,

The following information on your Apple ID was changed on April 24, 2017 at 09:10:49 GMT:

password

If you haven't made these changes or you think an unauthorized person has accessed your account, click My Apple ID to cancel.

Kind regards,
Apple Support

Graphically, the message gives the impression that it actually comes from Apple:

A fake Apple email.

Where does the “My Apple ID” link go?

If you access the “My Apple ID” link, you will go to the website “musterseite.tn/include/AT/Login.php?(…)”. It does not belong to Apple and imitates the company's website:

An Apple phishing site.

After revealing the login details, the fake Apple website states that the Apple ID has been deactivated for security reasons. Therefore, customers should activate their account:

The Apple phishing site says that the Apple ID has been deactivated.

If you want to unblock the account, you will be taken to a form that requests the customer's account details:

Customers should provide their account details.

Anyone who discloses the account details is passing them on to criminals. This allows them to commit crimes under other people's names and make purchases at other people's expense.

How do you recognize the Apple phishing email?

The supposed message from Apple is fake. You can see this from the following points, among others:

• The content of the letter is fictitious because your password has not been changed. You can check this by manually going to the Apple website and logging in regularly.
• The salutation of the message – “Hello” – is impersonal. Apple addresses customers directly by name in letters.
• If you move your computer mouse over the “My Apple ID” link, a dialog window will show you that you can open the website “musterseite.tn/include/AT/Login.php?(…)” with one click. The website is not owned by Apple.
• The title of the supposed Apple message is contradictory. One time it's about you, another time it's about you: “If you haven't made these changes (…) click on My Apple ID”. Normally this is not the case.
• They are supposed to provide personal information on a phishing site.

Have you been a victim?

If you have provided your personal information on the Apple phishing site, contact your credit card company immediately. Explain to them that you have become a victim of data theft. Discuss with your counterpart how to proceed to limit the damage. If necessary, have your credit card blocked. Change your Apple ID password immediately. File a criminal complaint with the police.

The Internet Watchlist recommends:

Move messages that ask you to provide personal information to a website to your spam folder. This will prevent you from receiving similar phishing messages in your regular inbox in the future!