One of the most difficult threats to avoid is the phishing scam, which attempts to scam users by mimicking a trusted website, service or company. Fortunately, such attacks usually give themselves away with poorly written emails or badly executed fake sites, but a recent scam targeting Apple’s customers has gained attention for the opposite reason.
Victims are hooked by an official-looking fake email informing them they need to update their billing information with Apple. A link that appears to point to the Apple Store is included, but when clicked it re-directs users to a fake website that is apparently hosted on its own server.
To make matters worse, the fake site looks like a legitimate Apple login page. Only a support number that begins with a 0 instead of a 1 might alert users that something strange is going on. The site otherwise appears professional and is free of the grammar issues and improper or missing images that often give away such facades like this.
So what can you do to protect yourself? You could just avoid clicking email links, though that may not always be practical. Another idea is to pay attention to your URL bar to make sure that the proper URL appears when you visit a site. In the case of the fake site, the URL shows the IP address of the scammer’s server rather than the real Apple Store address. You could also use a security suite with built-in anti-phishing features.
For more tips on how to avoid these sorts of attacks, check out Danny’s article on common tactics that can help you avoid being phished.