All this talk about the importance of SSL connections has given cybercriminals ideas. They’ve launched a new phishing campaign that involves emails which instruct recipients to hand over their information in order to update their accounts “using the new SSL servers.”
The emails, which purport to come from Apple Customer Support, read something like this:
“Unfortunately, Your online access has been blocked. As part of our ongoing commitment to provide the ‘Best Possible’ service and protection to all our customers, we are requiring each Customer to Update their account (s) using the new SSL servers to avoid suspension of you online access.
Please Update your online account (s) by clicking bellow account update. Account Update Process. This is an automated message. Please do not reply to this email.”
Hoax Slayer warns that the links from these emails don’t point to a genuine Apple website, but to a phishing site where victims are asked to hand over their Apple ID, password, name, billing address, contact information and even credit card details.
Once the information is entered, the victim is redirected to the legitimate Apple site. The cybercriminals can use the stolen information for various purposes, including identity theft and to perform fraudulent purchases.
In case you’re a victim of this scam, change your passwords, and keep a close eye on your bank account. If the crooks try to make fraudulent purchases with your card, you can recover your money if you quickly report the unauthorized transaction.
In order to avoid falling victim to phishing scams, don’t click on links contained in unsolicited communications.
Apple will not ask you to hand over your financial details in response to an email. When it comes to logging in to your account, make sure the site you’re on is protected by an HTTP connection.