The launch of a new incarnation (in fact, *two* new incarnations) of the iPhone should have been a good one for the company, and had technology watchers on the edge of their seats.
But, with perhaps depressing inevitability, there were some who were determined to spoil the party: online criminals.
You see, phishing cybercriminals aren’t just after your credit card details – they’d quite like to get their hands on your Apple ID and password as well. And, sure enough, a spam campaign designed to phish login details and credit card information from Apple users has been spammed across the internet.
You may not think that the Apple ID and password you use on your iPhone or MacBook is that valuable, but it is tied to your credit card – and can be used for making purchases in the iTunes store and Apple’s App Store. For that reason, they are credentials that cybercriminals have an interest in stealing, and selling on to others.
Malwarebytes, who spotted the spam campaign, reported that malicious emails had been sent “en masse” linking to phishing websites.
As you can tell by the screen captures of the phishing websites, these bad guys aren’t just interested in stealing your Apple ID credentials – they would be quite happy to steal your credit card information as well.
Be on your guard against phishing attacks, and always take care to check that the website you are entering your password details on is legitimate and not a bogus site designed to slurp up your private details.
More information on the threat can be found on the Malwarebytes blog.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.