Apple ID Phishing Email Shows Some Cybercriminals Are Not Trying Very Hard

Poorly designed Apple phishing email (click to see full)

Security researchers from Malwarebytes have come across an interesting Apple ID phishing email. When I usually say it’s interesting, I mean that it relies on some clever technique to trick users, but this time it’s not the case.

This particular email is interesting because it’s so poorly designed that no one would probably fall for it. Some phishing emails contain “security warnings” to make the fake notifications look more legitimate.

However, in this case, recipients are told right from the start that the email is spam. The actual body of the message is displayed at the middle of the email, unformatted. Then, at the end of the email, additional information which shows that it’s spam and that it could contain “a virus” is displayed.

The actual phishing notification reads something like this:

“Dear customer,
Your Apple ID was used to sign in to iCloud on an iPhone 4.
Time: February 10, 2014
Operating System: iOS;6.0.1
If you recently signed in to this device, you can disregard this email.
If you have not recently signed in to an iPhone with your Apple ID and believe someone may have accessed your account, please click here to confirm your details and change your password.”

As you can see, the spammers haven’t even taken the time to change the date to something more recent.

As Malwarebytes’ Chris Boyd highlights, “Sometimes scammers get it right and pull off extremely clever and subtle phish attacks. Other times, they get it wrong and you’re left scratching your head and wondering what on earth happened.”


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s