Apple Phishing Alert: ‘Your account has been accessed by another machine!’
Did you get an email claiming that your Apple account was accessed from another computer?
Spammers are pumping out fake email notices hoping that users will hand over their Apple ID login information in order to “confirm” that they’re the true owner of their account.
Here’s a copy of the phishing email being sent out:
From: iTunes Store <firstname.lastname@example.org>
Subject: Your account has been accessed by another machine !
Dear Apple Customer,
To get back into your apple account, you’ll need to confirm your account . It’s easy: Click the link below to open a secure browser window. Confirm that you’re the owner of the account and then follow the instructions.
The link will expire 72 hours after this email was sent.
Unlock Apple ID >
Questions? There are lots of answers on our Apple ID support page >
If you weren’t trying to reset your password or unlock your Apple ID, don’t worry ! your account is still secure and no one has been given access to it. Most likely, someone just mistyped their own email address while trying to reset their password.
Apple Customer Support
If the typos & poor grammar don’t throw red flags to the unsuspecting user, it’s unlikely that they’ll notice that the ‘Unlock Apple ID >’ link goes to a third-party website dressed up to look like the Apple ID login page. All of the other links in the email actually point to legitimate pages on Apple’s website.
Screenshot Credit: PhishTank
Entering your Apple ID and password on the fake login page will send it directly to the miscreants behind this phishing scam.
If you think about it, there is a bit of truth in the phishing email – if the user confirms they’re the owner of an Apple account by handing over their login info, it will be accessed by another machine when the cybercrook hijacks it.
Thankfully, the PhishTank report for this phishing page states that it’s been taken offline, but another could easily be setup elsewhere.
Keep Your Apple ID Safe
Since this scam requires user interaction, it should be fairly simple to keep your Apple ID login information private and out of the spammer’s hands. If you get an email like the one above or any other suspicious emails for that matter, it is recommended that you:
- Do not click on any links within the email. Manually type in the URL of the website you wish to visit into your browser address bar instead.
- Never login to your account without double-checking the URL first. Make sure that it belongs to the website you’re attempting to login to.
- Report the phishing email to Apple by forwarding it to email@example.com.
- Delete the email immediately.