The ioscareteam phishing email
Posted by Javi Lavandeira in Apple, Computer Security, Crime, Internet, Privacy | September 19, 2014I just got this very official-looking mail in my main address:
It reads like this:
Dear javi@lavandeira.net, (19 – September – 2014)
This message is to therefore warn you that your iCloud and Apple Account (javi@lavandeira.net) has been temporarily locked until we can validate your Apple Account details. This protective measure to secure your iCloud Account from unapproved usage. We apologise for any inconvenience you’ve been caused.
You will be unable to use iTunes or iCloud sync/backup or the iTunes/App Store & App Store until you verify your Apple Account ownership, we urge you to finish verification as soon as you can. Failure to validate your details within a 48 hours can cause termination of your Apple/iCloud ID to safeguard our system.
How to verify my Apple ID and restore access?
Just proceed to the link underneath to prove ownership of your Apple ID. Log-in in using your Appe/iCloud ID and password, then read the instructions.> Certify My Apple Account
While using Apple devices and services, you’ll still sign in with your main email address as your Apple ID.
If you have questions and need help, visit the Apple Account Care site.
Thanks again,
Apple Account Maintenance TeamCase Support ID: #Y10FHK10419-EU10
It sounds very scary and serious. Should I click the link and log in with my Apple ID and password?
No.
This is just another phishing attempt. You are likely to receive a similar email. Do not, under any circumstances, click on the link and enter your details. I repeat: it’s just another phishing attempt.
Looking a bit closer we can see that the message’s reply-to header points to an address in the ioscareteam.co.uk domain. This domain doesn’t belong to Apple:
The link in the body of the message also points to the same domain. Just place the mouse pointer over the link (without clicking) and wait a couple seconds:
Clicking the link would take you to a very convincing fake Apple site that copies Apple’s real site. Looks like they even copied the country/language selection code.
However, this fake site will send your login details to the idiots who are trying to scam you:
Summary: if you get an email like the one I got, ignore it.