A new phishing campaign is involved in the compromising of over 100 websites across the
net. They are hosting fake login pages asking for Apple IDs and passwords and are linked to in spam messages. This scam has been around in various forms for a long time, but researchers have recently detected a sharp spike in activity. All 110 hacked sites are hosted on an IP registered to a single ISP in Houston, and still have not been cleaned up. It’s unclear if the ISP is aware of the problem. To date there are nearly 350 known phishing sites related to Apple.
The messages are typical of phishing emails, with generic greetings and sign offs, horrible grammar and broken English. Tech savvy recipients won’t fall for the notification that their Apple account is about to expire and their info needs to be audited, but the urgency of the message could possibly trick less knowledgeable users who might panic at the thought of their account being shut down.
Once the scammers have succeeded in getting someone to turn over their Apple ID and billing info, they can use it to go on a shopping spree at the Apple Store, impersonate you and possibly wipe your Apple devices, steal data stored in iCloud and even blackmail you. They can also use your credit card info elsewhere or sell it to another scammer. To protect yourself, take advantage of the new two-step verification Apple recently implemented, and never click on links in email asking for your info.