DarkFiber Consulting is aware of public reports of a phishing attack circulating via email messages that appear to be targeting Apple MobileMe users. These messages claim that there is a problem with the user’s billing information and instruct the user to follow a web link to update personal information. Clicking on this link directs the user to a web page that contains a seemingly legetimate web form requesting personal and financial information. Any information entered in this form is not sent to Apple but rather, to a malicious attacker.
DarkFiber Consulting encourages users to do the following to help mitigate the risks:
- Do not follow unsolicited web links in email messages.
- Use caution when entering sensitive information online.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.