The "Apple We Detected Suspicious Purchase on Your Account" email message below, which claims a suspicious attempt of purchase has been detected on the recipients' Apple account, is another attempt by cybercriminals to steal their potential victims’ Apple account credentials. The fake email has links in it that go to the phishing Apple website, which steals account usernames and password. The phishing website steals account credentials by asking visitors to sign-in with their Apple account usernames and passwords. Now, any attempt to sign into the fake or phishing website will result in the visitors’ Apple account credentials being sent to the cybercriminals responsible for the scam. Once the cyber crooks have gotten possession of the stolen account credentials, they will use it to hijack their victims’ Apple accounts and use the same accounts fraudulently.
A Sample of the "Apple We Detected Suspicious Purchase on Your Account" Phishing Scam
From: App Store <ujptkapc6rbmzhfgoblyuexlkxekau04epyypnlv @fnse5yvujq2e5azqxda78acmqavpyhld4dsalyev .butocakilisonline.business>
Sent: Saturday, March 3, 2018 11:14:57 AM
Subject: ✅ Order Confirmed : [Payment] Statement update submitted for transactions our client area.
We detected any suspicious purchase at your account.
Check your PDF Invoice
Your ID invoice is DNGCiT205365365425222
Apple users should never click on a link in an email message to sign into their accounts. They should instead, go directly to https://appleid.apple.com/ and sign-in from there. If there is something wrong with their accounts, they will be alerted after signing in. Users who were tricked by the phishing scam, are asked to change their Apple account passwords immediately before their accounts are hijacked and used fraudulently. For those users who are unable to change their passwords, are asked to contact Apple Technical Support for help.