Phishing email from Apple with PDF attachment

A very plain email that supposedly comes from Apple is aimed at user data.

Since such phishing emails with malicious links are increasingly being recognized by spam filters, fraudsters have recently resorted to a new trick:
They pack the malicious link into a harmless PDF file attached to the email.

This is what the email looks like:

Subject: [Account statement reports] Case document – ​​Your account statement is now available.

Dear Customer,
Your account is locked due to suspicious activity.
Please immediately verify your account within 24 hours, open the (PDF) file.
Sincerely,
Team Support

The attached PDF file is harmless in itself, but contains the malicious link:

Here we now find information that there was allegedly an unauthorized attempt to log into the Apple account. We find the salutation “Hello Apple ID” particularly cute.

If we now click on this link, we will immediately receive a warning from Kaspersky :

Without protection, instead of a warning, you will see a mock Apple page where you first have to enter your login details.

After entering fantasy data, we receive the message that the account is blocked for security reasons.

You would think that this would be a quick thing, but since it is not the real Apple site, a lot of data is required because scammers are curious.

Conclusion

With effective protection , you are immediately prevented from entering your data there in good faith.
Otherwise you end up on a mocked-up page that very curiously asks for a lot of data. The fraudsters can then use the data to their heart's content to make purchases with the users' data: there is a risk of extensive identity theft .

Therefore, always pay attention to whether the URL really belongs to a company and whether the email actually comes from a company.
If you have the slightest doubt, you should always log in directly to a company's website to check whether there are any discrepancies!