1. Headline
  1. Headline
updated 10/31/2011 6:23:25 PM ET 2011-10-31T22:23:25

A clever phishing email is making its way around the Web, attempting to trick people into handing over their Apple user name and password to view a purported update to their iTunes account.

With the subject "Account Info Change," the email appears to come from Apple, but the address is "do_not_reply@itunes.com via smtp.com," meaning it came from a third-party email service, the security firm Trend Micro reported. (Legitimate emails from Apple show an "id.apple.com" address.)

The discrepancy is so small, however, that Trend Micro said the phony emails share an "uncanny and almost identical resemblance" to real Apple emails, which makes this particular phishing campaign that much more dangerous.

The email informs recipients that their Apple ID was "updated" and includes a link users can click on "to review and update their security settings." The link, written as appleid.apple.com, redirects people to another Web page that looks strikingly similar to Apple's website, except that the phony Apple page includes advertisements at the bottom.

The phishing page asks for users' Apple IDs and passwords, which, of course, are then sent to the crooks behind the scam who can use the stolen IDs to access credit card information, home addresses and phone numbers.

Trend Micro warns users to "always be wary of the littlest detail in your email that may strike you as suspicious. Check and double-check embedded URLs, delete spammed messages, and never underestimate the endless possibilities of cyber crime."

It's also important to remember that Apple laptops, iPhones and iPads, which are long thought to be safer and more secure than PCs, are still not immune from online threats and cyber attacks. A host of new malware has recently emerged  targeting Macs, and rather than banking on the supposed immunity of your Apple product, it's best to install anti-virus software that can detect and prevent cyber crime threats so you don't have to. Of course, there is no substitute for common sense, and no anti-virus software can protect you against social engineering scams like this one. If you receive an unsolicited email like this, contact the company directly rather than clicking on a suspicious link.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments

More on TODAY.com

  1. Kelly Gunderson via YouTube

    'I'm lovin' you': Woman with Alzheimer's connects with daughter in viral video

    9/2/2014 11:38:34 PM +00:00 2014-09-02T23:38:34
  1. Kirsty Grant / Kirsty Grant

    See why this baby is smiling... and why his dad is cringing

    9/2/2014 5:26:01 PM +00:00 2014-09-02T17:26:01
  1. Dan Hallman / Dan Hallman/Invision/AP

    Joan Rivers remains on life support, her daughter Melissa Rivers says

    9/2/2014 5:59:58 PM +00:00 2014-09-02T17:59:58
  1. Report: ISIS kills second American journalist

    SITE Intel Group, a jihadist monitoring organization, announced on Tuesday that the Islamic militant group ISIS has killed American journalist Steven Joel Sotloff.

    9/2/2014 5:34:24 PM +00:00 2014-09-02T17:34:24
  1. Another American doctor infected with Ebola

    Another American missionary doctor has tested positive for Ebola, an aid group said Tuesday.

    9/2/2014 5:15:35 PM +00:00 2014-09-02T17:15:35