Apple has warned customers to be on the lookout for a malicious email after cyber criminals launched a new email scam aimed at tricking users into giving away access to their iTunes account.
iTunes users around the world have reported receiving one of a number of versions of the dodgy email, which at first sight looks like an invoice from Apple and claims that the user recently downloaded a song or audiobook from the iTunes Store.
The email contains an invoice which appears to charge users more than five times what it actually costs to download an individual song.
However, the invoice is a scam designed to get users who are alarmed at the excessive charge of the download to click on the ‘Cancel and Manage Subscriptions’ link located at the bottom of the email.
— Jojo Desmond (@JojoDesmond) July 28, 2016
When the user clicks on the link, rather than being redirected to the iTunes Store they are sent to a fraudulent webpage where they are prompted to supply the username and password to their iTunes account – which of course contains their credit card and online payment details.
Apple has confirmed that it never asks customers to input personal details or submit passwords or credit card info via an email and added that the ‘Cancel and Manage Subscriptions’ link does not appear on official emails sent out by the company.
This latest scam first targeted users in the United Kingdom, however there have been reports of similar scams targeting users in the United States, Australia, Singapore, Canada and Sweden.
— kevin ivers (@kev74ivers) July 28, 2016
This isn’t the first time cyber criminals have used phishing scams to target Apple customers.
Back in May, iPhone users were tricked into handing over sensitive info after receiving an SMS which claimed their iCloud account had been deactivated.
In order to reactivate their account they had to click on the link in the message, the SMS claimed. However, the link was malicious and sent the recipient to a fake website used to try and obtain the account details of the user.
In April, a similar scam told users their Apple ID was about to expire and prompted them to enter their account credentials into fraudulent site which looked very similar to an official Apple webpage.
On its Support page, Apple gives detailed information about phishing and how users can report any email which they think may be malicious.