Gullible Apple users targeted by bogus order cancellation scam

Protip: Don't click links in emails from unknown senders. Ever

Cybercrooks are targeting Apple iCloud users with phishing messages designed to steal financial information.

A new run of spam messages offers a slight twist on the popular "bogus order" scam. Instead of simply telling you about a payment you're supposed to have made, prospective marks are invited to cancel a transaction already flagged up as potentially suspicious.

In reality there is no suspicious transaction. Victims are being induced into handing over login information to fraudsters on a bogus pretext, as explained in more detail (and with screenshots) in a blog post by Sophos.

The scam isn’t particularly well concealed and there are plenty of clues that something is amiss, such as use of a website that is not associated with Apple, bad grammar in the spam email and other inconsistencies. Nonetheless, the scam has the potential to hoodwink the unwary, not least because it's a bit out of the norm.

Chris Boyd, a malware intelligence analyst at Malwarebytes, commented: “Legitimate-looking bill payment cancellation phishing attacks have been around for a few years, but typically target banks, online payment services or areas of business related to HR or payroll. Seeing it applied to iCloud users is an interesting twist, but as with all similar forms of attack there are enough clues to tip off the wary.”

“Never enter payment or personal information into a webpage sent via an email, and always navigate to the site directly if needs be – even better, check with the company if what you're looking at is the real deal. There's a good chance it isn’t,” he added. ®

