Beware Apple ID Phishing Emails

Just last week, I wrote an Ask the iTunes Guy column about Solving Apple ID frustrations. So I found it ironic to get the following email today:

[Screenshot: the phishing email]

As is often the case with well-crafted phishing messages, this email looks real. It claims to be sent from do_not_reply@icloud.com, and the design mimics Apple’s emails. Yet it’s a fake. (Which, if you check the grammar and capitalization, seems obvious…)

Apple will send emails of this type, but I’ve never seen any saying that my Apple ID has been disabled for security reasons. I have gotten emails saying that I just changed my Apple ID password, or telling me that I’ve added my Apple ID to a new device. These messages are sent in case you didn’t make the change, so you can contact Apple.

So the first thing to do, if you really think such an email is legitimate, is hover your cursor over the link in the email. As you can see below (I’ve blurred part of the domain that has been hacked to host the bogus sign-in page), this is not an Apple web page:

[Screenshot: the link’s real destination shown on hover, with part of the domain blurred]

If you see that the link is not going to apple.com, then it’s bogus. Another thing you can do is right-click on the link, choose Copy Link, then paste it into a text editor or word processor. You’ll see the entire link, and you’ll see that the domain is not apple.com.

If you’re using an iPad or iPhone, you can’t hover over a link. So you need to tap-and-hold on the link, then choose Copy. Switch to a text editor, or to Notes, and paste the content into that app so you can read it.
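The same check can be run over an HTML message body: list every link whose real destination is not apple.com, next to the text the email displays for it. This is an added example, not part of the original article; the sample email, its `.example` domains and the function names are constructed for illustration. It goes slightly beyond the text by also rejecting hosts that merely contain "apple.com" somewhere in the link.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "apple.com"  # the domain the article says a genuine link goes to

# Constructed sample body; every non-Apple host is a placeholder.
SAMPLE_EMAIL = """
<p>Your Apple ID has been disabled for security reasons.</p>
<a href="http://compromised-site.example/apple/signin.php">https://appleid.apple.com</a>
<a href="https://appleid.apple.com.verify.example/">Verify now</a>
<a href="https://apple.com@login.example/">apple.com</a>
<a href="https://appleid.apple.com/">Manage your Apple ID</a>
"""

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for each <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the <a> currently open, if any
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def goes_to_trusted_domain(url, trusted=TRUSTED):
    """True only if the URL's host is the trusted domain or a subdomain of it."""
    try:
        host = urlsplit(url).hostname or ""   # ignores any "user@" prefix
    except ValueError:                        # malformed URL: treat as untrusted
        return False
    host = host.rstrip(".").lower()
    return host == trusted or host.endswith("." + trusted)

def suspicious_links(html):
    """Return (visible text, real destination) for links that leave apple.com."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    return [(t, h) for t, h in collector.links if not goes_to_trusted_domain(h)]
```

The first result pairs a displayed `https://appleid.apple.com` with a different real destination, which is the mismatch that hovering or copying the link reveals.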

So be very careful. Hackers would love to get your Apple ID password. They can use it to empty your credit card by purchasing stuff from the iTunes Store, Mac App Store, and other Apple services. Be quick; don’t click!