Fake Invoice Phishing Email Targeting Apple Users

Phishing emails continue to be the widely used technique by cyber criminals. over this week Christopher Boyd from Malwarebytes posted a new Invoice Phishing Email that target Apple store users. the email claims to be a confirmation for buying a product and ask user to click on a link to refund their payment if they have not received the purchased item.


Invoice Phishing Email screenshot by malwarebytes

The refund link is pointing to fake URL that is controlled by attackers and contain a login page that ask for Apple ID and password beside the banking information to complete the refund process. such type of phishing attack is very effective especially that any user will directly follow the link to refund his payment thinking that he may have made this order from a long time.

The attack will directly allow cyber criminal to collect sensitive information such as banking account/ Apple ID and password.

If you see similar email make sure to verify the link URL which is always a fake link and if you are in doubt contact your bank and ask about such email they should have a fraud prevention team that deal with such situations.