The emails appear designed to target new users who might have received an Apple device under the Christmas tree, according to Intego’s Mac Security Blog.
“It has come to our attention that your account billing information records are out of date. That requires you to update your billing information. Failure to update your records will result in account termination”, the bogus email said.
The email directs the recipient to click on a bogus link to “confirm” billing information. According to the blog, Apple customers who click on the link will be taken to a sign-in page and asked to enter their Apple ID and password. Then, the user will be taken to a page asking for credit card information. “This page looks realistic, and many of the elements it contains are taken from Apple’s own web pages”, the blog explained.
To detect phishing emails, the blog recommends that users move their cursor over the link in the email message and wait for a tooltip to pop up and display the URL. The user can then check whether the URL points to a legitimate address, such as apple.com. That address is the part that comes right after the http:// in the URL.
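The same check can be automated for an HTML message body. The sketch below is an added example, not code from Intego or Apple: it parses each link's real host instead of reading the text after http://, which also handles URLs where apple.com appears only as a prefix, a user name or a path. The function names and the `billing-update.example` hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "apple.com"  # the legitimate domain named in the article

def link_host(url):
    """Return the lower-cased host a link really points to, or None."""
    # .hostname drops any "user@" prefix and the port, so text that merely
    # appears right after "http://" cannot stand in for the real host.
    try:
        return urlsplit(url.strip()).hostname
    except ValueError:  # malformed URL, e.g. an unbalanced IPv6 bracket
        return None

def is_trusted(url, domain=TRUSTED_DOMAIN):
    """True only if the host is the domain itself or one of its subdomains."""
    host = (link_host(url) or "").rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)

def untrusted_links(html_body):
    """Return every link target whose host is not under the trusted domain."""
    collector = LinkCollector()
    collector.feed(html_body)
    return [u for u in collector.links if not is_trusted(u)]

# Constructed sample body; these hosts are placeholders, not from the article.
SAMPLE_BODY = """
<a href="https://appleid.apple.com/">Apple ID</a>
<a href="http://apple.com.billing-update.example/confirm">Confirm</a>
<a href="http://apple.com@billing-update.example/confirm">Confirm</a>
<a href="http://billing-update.example/apple.com/">Confirm</a>
"""

if __name__ == "__main__":
    for url in untrusted_links(SAMPLE_BODY):
        print("suspicious:", url, "->", link_host(url))
```

Only the first sample link is accepted; the other three are reported together with the host they actually resolve to.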