- Popular
- Most Talked-About

Report

Online Threat Alerts (OTA)

An anti-cybercrime community alerting the public to web or internet threats.

Online Threat Alerts (OTA)»

"Apple Confirmation Change Password" is a Phishing Scam

Comments: 2
Views: 966
Updated: May 15, 2019 2019-05-15T09:30:07 -
Date: May 22, 2018 2018-05-22T12:35:47

The "Confirmation change password of your Apple" email message below which claims that the recipients' Apple ID has been locked is another attempt by cybercriminals to steal their potential victims’ Apple account credentials. The fake email has links in it that go to a phishing Apple website which steals account usernames and password. The phishing website steals account credentials by asking visitors to sign-in with their Apple account usernames and passwords. Now, any attempt to sign into the fake or phishing website will result in the visitors’ Apple account credentials being sent to the cybercriminals responsible for the scam. Once the cyber crooks have gotten possession of the stolen account credentials, they will use it to hijack their victims’ Apple accounts and use the same accounts fraudulently.

The "Apple Confirmation Change Password" Phishing Scam

From: Apple Support <4yQaytnQ-Apple-service-4yQaytnQ-mail-support-no-reply@statement-verify-id.com>

Date: May 21, 2018 at 3:24:48 AM PDT

Subject: Re: [ New Statement ] Confirmation change password of your Apple account in Google Chrome ( 20 May 2018 ).

Apple ID Suspicious Activity

Case ID : 13183021

Dear

Foг уοuг ѕаfеtу, уοuг Αррlе ID hаѕ bееn lοckеd bесаuѕе wе fοund ѕοmе ѕuѕрісіοuѕ асtіνіtу οn уοuг ассοunt. Ѕοmеοnе was trying ассеѕѕ уοuг ассοunt аnd mаkе ѕοmе сhаngе οn уοuг ассοunt іnfοгmаtіοn. This the details :

Country : Benin

IP Address : 70.23.71.52

Date and Time : 19:24, 21 May 2018

Browser : Opera

We apologize for locking your account because for security reasons.

If you do not perform this action or you believe an unauthorized person has accessed your account, you must login to your account as soon as possible to verify your information.

Vіеw Αссοunt Infοгmаtіοn

Regards.

Apple ID Support

Copyright © 2018 Apple Inc. All rights reserved.

Apple Support | Apple ID | Apple Service

Apple users should never click on a link in an email message to sign into their accounts. They should instead, go directly to https://appleid.apple.com/ and sign-in from there. If there is something wrong with their accounts, they will be alerted after signing in. Users who were tricked by the phishing scam, are asked to change their Apple account passwords immediately before their accounts are hijacked and used fraudulently. For those users who are unable to change their passwords, are asked to contact Apple Technical Support for help.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews

(Total: 2)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

May 10, 2019 at 1:06 PM by an anonymous user from Distrito de Lima, Lima region, Peru
I received a mail from this person whose name is support@apple.com but his email adress is <pinbox.nahanjayaingtau.ders-maills038@ne98fufwf.me>. The subject of the mail was: [NEWS REPORT ALERT] The confirmation password changed in your Google Chrome account. Thursday, May 02, 2019.
At first, when I looked at my inbox, I didn´t suspect that this mail would have malicious content because I read that the name of the sender was support@apple.com. The text content that appeared on the body of the mail didn't have more than this phrase:
Invoice number: 424842533550584 [Wed, May 02, 2019 PM]
At the top the body of the text, appeared the icon of a file called: Activity-Of-Account_ID20896014677536.dot. I was very naive at this point. That's why I downloaded the file....
Then, I checked the properties of the file. I looked for the custom tab, which refers these data:
Name: KSO ProductBuildVer
Type: Text
Value: 10-3310.2.0.7646
I haven't opened this file yet, but I wanna know if I made something wrong by simply downloading this file.
I would appreciate if you can help me providing me more information about this file and also by telling me what to do if I commited a huge mistake by downloading this file.
Thanks.
remove
- May 10, 2019 at 1:32 PM by info
  The .dot is a Microsoft Word Template file, but cybercriminals are embedding malicious code in these files and sending them as an email attachment to their potential victims.
  If recipients attempt to open the malicious attachment, they will be prompted to "Enable Macro", if they do, the malicious Macro code will execute and attempt to download malware on their computers.
  If you do not have Microsoft Office installed on your computer, then the embedded Macro code will not execute or work. The malicious code only works if Microsoft Office installed on the recipients' computer.
  Since you have attempted open the file, scan your entire computer with the antivirus software installed on it.
  remove

Show More Comments (2)

Show all Comments