The email message below with the subject "Your Billing Information Has Been Change" is another attempt by cybercriminals to steal their potential victims’ Apple account credentials. The fake email has links in it that go to a phishing Apple website which steals account usernames and password. The phishing website steals account credentials by asking visitors to sign-in with their Apple account usernames and passwords.
Now, any attempt to sign into the fake or phishing website will result in the visitors’ Apple account credentials being sent to the cybercriminals responsible for the scam. Once the cyber crooks have gotten possession of the stolen account credentials, they will use it to hijack their victims’ Apple accounts and use the same accounts fraudulently.
A Sample of the "Your Billing Information Has Been Change" Phishing Scam
From: Apple Service <5287-billingaccountserviceappleid@validateid0135.us>
Date: 31 May 2018 at 19:32:32 BST
To: support@apple.com
Subject: [ Fraud Alert Information ] [ Billing Info ] [ Privacy Police ] Your Billing Information Has Been Change on 31 May 2018
Dear Customer,
We have detect some issues with your account apple,because was change account information from different device.For the further informations please find the attachment file (PDF) and follow the intructions.
Regards,
Apple Service
<Verification_Suspicious_AccountID.pdf>
Apple users should never click on a link in an email message to sign into their accounts. They should instead, go directly to https://appleid.apple.com/ and sign-in from there. If there is something wrong with their accounts, they will be alerted after signing in. Users who were tricked by the phishing scam, are asked to change their Apple account passwords immediately before their accounts are hijacked and used fraudulently. For those users who are unable to change their passwords, are asked to contact Apple Technical Support for help.