The phishing scumbags have come out of the shadows. Their latest target: Developers waiting for Apple’s breached developer site to come back online.
In a new campaign, the recent service outage of Apple’s Dev Center has prompted a flood of phishing emails asking users to change their passwords — and short as the email is, to the average user, it may be viewed as legitimate.
Phishing attacks are a relatively simple scheme. Users click on a link in an email that they believe to be from a legitimate source, and thus allow malware to be installed, or have their login information for the legitimate site stolen.
If you’ll look in the screenshot above, there are some tell-tale signs something isn’t kosher. The grammar mistakes are a hint, as is the missing upper-case “A” in “Apple.” Also, the link in the email points to a non-Apple domain.
Security firm Kasperky Lab has found that Apple-related phishing scams have greatly increased in the last six months, with scammers focused on stealing login credentials and financial data.
While the original breach at the Apple dev site apparently wasn’t malicious, the phishing cockroaches have scurried out from the shadows to exploit the situation.
Be careful out there.