Bad Phishing: This should worry Apple

On the cybercrimepolice.ch portal, the police of the canton of Zurich warns that scammers are posing as Apple. There are currently huge amounts of emails with the subject “Unknown Device Access” in circulation. In these emails, the scammers claim that the recipients’ Apple ID was used to log into their iCloud. The purpose of the sender is to obtain the login and credit card data and to draw the security code sent by the financial institution via SMS.

This is what Apple’s alleged email looks like. Pay attention to the sender. (Source: cybercrimepolice.ch)

By using the Apple logo and raising suspicion of unauthorized access to data, attackers would deceive their victims. If you click the link in the email, you end up on a fake website. This asks the user to enter personal data.

On this website, scammers try to steal credit card information. Here too it is important to note the URL. (Source: Cybercrimepolice.ch)

After the scammers intercepted Apple’s logins, they would try to obtain users’ credit card information via the same bogus website and charge the linked accounts.

If you then receive a security code from your bank, the scammers kindly ask you to enter it on the fake website as well. Entering the security code cancels the two-factor authentication and the money goes into the scammers’ account.

Entering the code on this site will cancel authentication and charge the card. (Source: cybercrimepolice.ch)

Police recommendations

The police recommend that you ignore these emails and do not contact the scammers. Another police recommendation: Don’t click any links in emails unless the sender is 100% known. And: Never disclose personal data without first conducting thorough investigations.

Anyone who has fallen into the scam of scammers should immediately block their credit card and immediately change their Apple account login details. The police also recommend reporting this to the local police station after making a telephone appointment.

Homegate.ch and Brack.ch are also currently warning scammers who send emails on their behalf. Here you can find out what characteristics are to be observed in the alleged homegate e-mails and here what the alleged Brack.ch e-mails look like.