Apple users targeted in email attack amid Black Friday sales


As Apple made impressive earnings across its Cyber Monday and Black Friday sales, with some products coming along with a lucrative $250 gift card, consumers were actively targeted in a credential phishing attack.

Apple’s products were the tech stars of the last week – while their buyers enjoyed popularity with cybercriminals.

Researchers at Armorblox, which provides security solutions, discovered an email attack, which targeted over 10,000 mailboxes. It bypassed Microsoft Office 365 email security, attempting to steal victims’ credentials.

The phishing email titled “We’ve suspended your access to apple services” landed in the mailboxes of thousands of people and was meant to convince users of legitimate communication with Apple.

The email then tried to convince the user that the tech giant failed to validate their credit card, requiring repeated validation. If the recipient failed to re-validate their card, they would lose access to Apple services, such as FaceTime and iCloud.

The message was poorly crafted, although it was sent from a legitimate domain associated with the brand, icloud.com. At the bottom of the email, the victim would find a malicious link masked as a link to an Apple login page.

Once clicked, the link would redirect the user to a fake landing page aiming to steal their details.

“The information included and language used within the email aims to lead victims to click the main call-to-action (login now) located at the bottom of the email. Once clicked, victims were directed to a fake landing page, which was crafted to mimic a legitimate Captcha security check landing page,” researchers say.

Attackers exploited the brand’s name amid Black Friday and Cyber Monday sales to earn the trust of their victims – especially as an increased number of people were making purchases online.

“Microsoft marked this email as safe, (and assigned a SCL score of -1) which would have delivered it to more than 10,000 users’ inboxes if it weren’t for Armorblox stopping this attack,” researchers conclude.

It’s always important to bolster your security amid similar events and holidays. Make sure to set up credit card alerts, secure your devices, use strong passwords, opt for multi-factor authentication (MFA) and two-factor authentication (2FA), and always be careful what you click on when reading through emails.