The email message below which claims that the recipients' account information appears to be missing or incorrect is another attempt by cybercriminals to steal their potential victims’ Apple account credentials. The fake email has links in it that go to a phishing Apple website which steals account usernames and password. The phishing website steals account credentials by asking visitors to sign-in with their Apple account usernames and passwords. Now, any attempt to sign into the fake or phishing website will result in the visitors’ Apple account credentials being sent to the cybercriminals responsible for the scam. Once the cyber crooks have gotten possession of the stolen account credentials, they will use it to hijack their victims’ Apple accounts and use the same accounts fraudulently.
A Sample of the "Apple Reset Your Password" Phishing Scam
From: [ Apple ID ] Support Account
Sent: Saturday, June 10, 2017 8:53 AM
Subject: Re: [New Statement Update] : Account Submitted to Reset Your Password For Our Client Area
Customer ServiceCustomer Service
Dear Customer,
We have notified that some of your account information appears to be missing or incorrect. We have faced some problems with your account.
Verify your Apple ID account in order to be used. Please check immediately by clicking the following link :
❶ Sign In
Sing-in into your Account
❷ Verify Your Information
Enter your information in advance, to make sure you is owner of Apple ID account
❸ Submit and Activated
If you has verified your data correctly our system will automatically activate your account
Sign In
Our system will automatically disabled your account if we do not receive any information longer than 24 hours.
Apple team
You received this mandatory email service announcement to update you about important changes to your Apple Inc product or account.
© 2017 Apple Inc., 1 Infinite Loop. Cupertino, CA 95014. USA
The links in this email message go to the following phishing Apple website:
- hxxps://www.costumer.cimol-icloud-colmex.com
Apple users should never click on a link in an email message to sign into their accounts. They should instead, go directly to https://appleid.apple.com/ and sign-in from there. If there is something that needs to be done their accounts, they will be alerted after signing in. Users who were tricked by the phishing scam, are asked to change their Apple account passwords immediately before their accounts are hijacked and used fraudulently. For those users who are unable to change their passwords, are asked to contact Apple Technical Support for help.