A new cell phone scam targeted at iPhone users tries to steal their Apple login details by sending a fake Spotify/iTunes email. The phishing email claims to be from Apple and Spotify. If a user clicks on the link, the email says the user had bought a year of Spotify Premium for $150.99 and links to a page to ‘review your subscription’. A fake Apple landing page – which looks like a real one - then asks for log-in details.
“One of the most common types of phishing is an email that contains a fraudulent link. In this case, users are likely to give away their personal information, because they will be obviously worried they might be charged $150,” said Ruby Gonzalez, Communications Director of NordVPN. “The supposed website of a trusted brand, such as Apple, creates a fake sense of familiarity, which misleads people into entering their private information.”
According to Apple, if a user receives an email asking them to update their account or payment information, they should only do so directly in their Settings on the Apple device that they are using. Users can update their passwords at appleid.apple.com.
NordVPN also recommends using its CyberSec feature, which is designed to block advertisements, malicious sites, and phishing links. While it’s still not available on iOS, CyberSec can be used on Windows, macOS, Linux, as well as on the mobile app for Android.
NordVPN provides these tips for spotting a phishing email:
For additional safety, use a VPN. Using a VPN when browsing can protect you against malware and phishing that targets online access points.