Apple has not sent out any such requests, and “Symantec is cautioning users to be skeptical of emails claiming to be from Apple.”
The security firm goes to describe what an Apple ID phishing email looks like with various examples for different countries, complete with inline images. One such phishing email from early May came with the following subject lines, according to the Mountain View security firm.
- Please update your Apple account now
- Apple – Your Account Is Not Confirmed
- Please Verify Account Information For Your Apple ID
- Please verify the email address associated with your Apple ID
Some of the emails are so well crafted that they could look legitimate even to the trained eye. Featuring actual Apple graphics (such as a paper theme that casts a shadow underneath the message), the message very much resembles an official email from the Cupertino giant. However, what usually gives them away is the bad spelling and text formatting.
Some Apple ID phishing pages actually ask users to select a localized version. So far, the countries where most of these attacks have been recorded include the United Kingdom, the United States, Canada, Italy, Germany and there’s an option to select “Other,” in the scam.
Australia was most recently hit by a ransomware attack that leverages Find My iPhone to remotely lock devices. The attacker, using the name Oleg Pliss, has locked a number of devices asking for a $100 / €100 ransom to have the device unlocked again. We’ve outlined some best practices to avoid falling into the trap and even how to regain control of a hacked device.
Customers looking to change their Apple ID password for fear of having their account compromised can do so by following Apple’s instructions at http://support.apple.com/kb/ht5624.