New iCloud phishing scam targets MobileMe users
Scammers are releasing phishing e-mails that target MobileMe users in an attempt to steal credit card information through fake iCloud-based subscriptions.
If you are a MobileMe user and are looking forward to the switch to Apple's iCloud service next month, be aware that scammers are starting to target the transition. Some MobileMe users are receiving fake e-mails regarding the MobileMe-to-iCloud transition; the e-mails request the users click on links in the e-mail to extend their current MobileMe subscriptions.
The e-mail is from the "MobileMe team," with the subject "Welcome to iCLOUD," and reads as follows:
Dear MobileMe member,
Please sign up for iCloud and click the submit botton [sic], you'll be able to keep your old email address and move your mail, contacts, calendars, and bookmarks to the new service.
Your subscription will be automatically extended through July 31, 2012, at no additional charge.
AfterThat [sic] date, MobileMe will no longer be available.
Click here to update iCLOUD (linked text)
The Apple store Team
This e-mail scam may at first glance appear to be authentic, but if you take a second look there are some tell-tale indicators of scams. For one the e-mail calls the iCloud service "iCLOUD" (all caps), which Apple has not done. It also is sent from "no-reply@iCLOUD.com" instead of from a legitimate Apple.com e-mail address. Additionally, it contains poor grammar and spelling errors, along with being signed by the "Apple store team" which is separate from the iCloud and MobileMe teams involved with developing iCloud. Lastly, it appears to be purposefully confusing, by initially asking you to sign up for iCloud but then suggesting the subscription will keep your MobileMe account active for another year.
The link in the e-mail points to a scam Web site that looks like the Apple Store, and contains an entry form for users to supply credit card information. Like the recent "MacDefender" anti-malware scams for OS X, this new scam tries to pass itself off as a legitimate service to get your credit card information.
If you are uncertain about whether an e-mail is a scam, then an easy way to check is to just visit the Web site. Never click the links in an e-mail, and instead go to the MobileMe or iCloud site to see if there is any information there regarding changes. Regardless of what is sent out to MobileMe users via e-mail, Apple will definitely have all necessary information available through its sites. You can also give Apple a call to get clarification on any changes or announcements that have been made.
Overall, this scam is nothing new, but do be aware that increased efforts will target users of Apple's services, especially during transition phases when more users will be expecting news and details about the services they use.