There is nothing really special about this Apple phishing attempt. The email text is identical to what we normally see. The only mentionable thing is the amount of copies I have received today. Somewhere in the region of 300 copies in the last couple of hours. The subject is one we see regularly Your Apple ID has been disabled for security reasons!
The bots sending these must be having a bad day, because I am seeing several copies where all the body content is in the subject line & nothing in the body.
From: Apple <firstname.lastname@example.org>
Date: Mon 20/06/2016 11:12
Subject: Your Apple ID has been disabled for security reasons!
Dear Apple Customer, Your Apple account has been frozen. We recently reviewed your account, and we need more information to help us provide you with a more efficient secure service. Until we can collect this information, your account will be frozen. We would like to restore your access as soon as possible, and we apologize for the inconvenience. Verify Now a> Wondering why you got this email? It’s sent when someone adds or changes a contact email address for an Apple ID account. If you didn’t do this, don’t worry. Your email address cannot be used as a contact address for an Apple ID without your verification. Thanks, Apple Customer Support
TM and copyright © 2015 Apple Inc. Apple Sales International, Hollyhill Industrial Estate, Cork, Ireland. Company Registration number: 15719. VAT number: IE6500randW.
The link behind the verify now goes to http://interwurlitzer.com/write/it.html which redirects to http://flyingstart.ca/science/disabled/apple/index.php neither or which look even vaguely like any Apple site so shouldn’t fool anybody, but of course some careless users will click through, not look at the URL in the browser and give all their details
If you are careless enough or unwise enough to enter your apple ID & password, you get to this page where they ask for all the personal & financial information
We all get very blasé about phishing and think we know so much that we will never fall for a phishing attempt. Don’t assume that all attempts are obvious. Watch for any site that invites you to enter ANY personal or financial information. It might be an email that says “you have won a prize” or “sign up to this website for discounts, prizes and special offers”
Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.
All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email. Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Or whether it is a straight forward attempt, like this one, to steal your personal, bank, credit card or email and social networking log in details. Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened.