It may be easy to dismiss this warning as a repeat of a recent story and that is understandable, as you will find out. But don’t, because it is not a duplicate. There is yet another Apple phishing scam bobbing its way around. This one appears in a text message that looks like it’s from “AppleInc” and warns that your Apple ID is about to expire. However, don’t be alarmed. These scammers are also just trying to trick you out of your highly coveted Apple credentials… again.
Inside the text or SMS message is a link that includes a name of something like “appleexpired,” “applelogin,” or maybe even “icloudbobile.” If it’s clicked, you’ll be asked for your login details and then a “server not found” error of some type will appear.
If you want to feel more comfortable about clicking links you receive in texts, email messages, it’s good to know what domains are. At a basic level, this is the part of a website address just before the “.com,” “.org,” .gov,” etc. or in the case of domains registered in other countries, the “co.uk,” “.ca,” “.jp,” etc. and including the “.com.” So for Apple, the domain would be “apple.com” It doesn’t really matter what comes before that, because “apple.com” is the top level of their website and other pages connected to it will stem from that. Therefore, if you see a link that is apple.applexpired.com, which is what the hackers are using in this case, it’s likely not what you are looking for.
Whenever you are asked to verify your account, change details in your accounts, or want to check on a disturbing text you received, go directly into your account and check that way, rather than clicking links. This will ensure you are going to the correct location.
Bookmark the websites you visit frequently, such as your financial institutions, your utility companies, your healthcare sites, your child’s school, etc. to avoid mistyping a name under duress. Typosquatting, or domain jacking, is a strategy hackers use to steal information as well. They will buy domain names that were legitimate and have expired or been abandoned or that are very close to well-known ones hoping you will mistype the name in the browser.
If you did receive this phishing attempt and fell for it, change your Apple ID immediately. Make sure you change passwords on any other sites on which you use the same password. And when you’re doing this, use unique passwords on all of those so hackers won’t be successful with the password reuse strategy.
Fortunately, some companies are taking measures to prevent these types of scams. Google, for example collects the names of these domains and adds them to a list of forged websites and a warning will popup to alert you. However, there are plenty of malicious sites that have not been reported, so always be on the lookout.
© Copyright 2017 Stickley on Security