Tuesday, February 27, 2018

Pretty good Apple phish

So, anyway, I've noticed a lot of Apple phishes coming into my email honeypots, and they're convincing enough to catch the unwary, so I thought I'd document it here a little bit. The initial email looks something like this ...
If you click the link, it takes you to this screen ...
which looks pretty convincing, unless you actually parse out the URL in the address bar, at which time you realize it ain't Apple.com. If, however, you are unwise enough to put your AppleID and password in,(or, as I did, just a bogus pair), you are taken to this screen ...
Followed by this one, which is really the point of the whole thing .... they want your credit card.
The screens, unfortunately, are convincing enough that they'll probably catch a few folk. Be cautious out there. Www stands for World War Web.