Chapter in this post:
In addition to PayPal (see here) Apple is once again one of the names that are misused for data theft. Is current, according to the Police of Lower Saxony, a fake Apple invoice floating around via email for an alleged app store purchase. It is a new version of a phishing method that was used by fraudsters in October last year. The perfidious thing about it: via the email and the invoice downloaded via it, you get to a website on which you not only enter your credit card details, but also disclose other personal data.
The apparent Apple invoice reaches the user via email and suggests that purchases were made via the App Store - either apps or in-app purchases. "[...] The perpetrators are probably also hoping for Apple newbies who only got a new iPhone for Christmas and could have accidentally made purchases inexperienced [...] “, it is said by the Lower Saxony police. It also shows that the link in the mail refers to the dubious URL “appstorezahlungs.com”, which is clearly not an official Apple domain.
In the browser either the aforementioned or "secure-appstore.paymentsupport.com" is displayed, as can be seen on an iPhone screenshot of the source. The latter is also not an official Apple domain. Nevertheless, all data on the Apple ID, the user and the means of payment are queried on the fake page with an imitation Apple look. Extensive identity theft is possible with it. And last but not least, you should also “upload your identity”, that is, upload a selfie with your ID and scans of your ID. If you've received an email like the one described above and in the source, hopefully you haven't revealed anything of the kind.
If you fell for the scam as a new Apple user or because you were not careful enough, you should take a few important steps as soon as possible. Here is a summary of what you should do if you see yourself as a victim of the phishing scam described:
You can find more information on the website of the Lower Saxony Police, which is linked at the beginning (this is also the source of the screenshots shown here); You can get help from Apple Support, your bank and the local police station. If you have received an e-mail as described above, do not open the PDF attached, do not download a PDF "invoice" and do not click any links in the e-mail. If you should do all of this, at least don't reveal any personal information!
Boss or Fraud: This is how the “boss trick” works!
Jens has been running the blog since 2012. He appears as Sir Apfelot for his readers and helps them with problems of a technical nature. In his free time he drives electric unicycles, takes photos (preferably with his iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions for current bugs.