Apple Lockdown Mode helps protect users from spyware

“Your Recent Purchase with your Apple ID”…

Apple fans should steer clear of a convincing phishing mail doing the rounds, with the sender address popping up in a 419 scam not so long ago. Here’s the mail in question:

Fake Apple mail

It’s a fake tax receipt which states that a purchase has been made for “Rain Radar, Remove Ads”. If you didn’t make this purchase, you should visit the link (12 hour time limit, hurry now to avoid disappointment!) to cancel the purchase. It reads as follows:

Your recent purchase with your Apple ID

If you did not authorize this purchase, please visit the link below within the next 12 hours in order to cancel the purchase and restore your Apple ID

The stated amount isn’t large – £1.49. However, scammers are probably aware that banks advise customers to watch out for small transactions. This is because they’re easy to miss buried in a pile of payments, as opposed seeing a few thousand pounds going out the back door for the purposes of buying a gold plated yacht.

The link itself is a bit.ly effort, which has so far been clicked by 303 people, with the bulk of those being based in the UK (158). The shortened URL leads to

apple(dot)id(dot)newapp-it(dot)com/apple

We can’t show you what’s on the page as it has already been taken down, but we don’t know if this is due to an abuse report or if the scammer is going to upload something else instead. Either way, it’s probably a good idea to not click the links from these supposed tax receipt emails. Even though the final destination for the above scam is currently missing in action, there’s more than enough fake tax receipt mails going around these days – and they do look rather convincing…

Christopher Boyd (Thanks to Glen for sending this our way)

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.