- 843
- 228
Attackers have found a new way to bypass spam filters and attack users through Apple mail servers. Fraudsters have started using invitations from iCloud Calendar to send phishing emails disguised as purchase notifications. As BleepingComputer
found out , the scheme looks like this: the victim receives an email allegedly from Apple from noreply@email.apple.com. The email says that $599 has been debited from the PayPal account, and to clarify the details or cancel the transaction, you need to call the specified number. In fact, this is typical callback phishing. After calling "support", a person runs into scammers who try to convince him of the need to install software for remote access. The outcome is predictable: instead of a "refund", the victim risks losing access to a bank account or their data. The main trick is that the scammers place the text with the "receipt" and phone number in the Notes field of the calendar invitation. When such an event is created and external addresses are invited to it, iCloud automatically sends out invitations on behalf of Apple. In one of the recorded cases, the letter arrived at the corporate Microsoft 365 address, which forwarded it to many participants at once. Due to the fact that the letter was sent directly from Apple servers, it looks legitimate and has a better chance of passing anti-spam filters. This is what makes the new scheme especially dangerous. Experts advise: if you receive a strange calendar invitation with suspicious text, especially related to payments, ignore it and under no circumstances call the numbers listed. Today we also wrote about Apple's problems with copyright holders: two American writers, Grady Hendrix and Jennifer Roberson, filed a class action lawsuit against the corporation. @ Anti-Malware
found out , the scheme looks like this: the victim receives an email allegedly from Apple from noreply@email.apple.com. The email says that $599 has been debited from the PayPal account, and to clarify the details or cancel the transaction, you need to call the specified number. In fact, this is typical callback phishing. After calling "support", a person runs into scammers who try to convince him of the need to install software for remote access. The outcome is predictable: instead of a "refund", the victim risks losing access to a bank account or their data. The main trick is that the scammers place the text with the "receipt" and phone number in the Notes field of the calendar invitation. When such an event is created and external addresses are invited to it, iCloud automatically sends out invitations on behalf of Apple. In one of the recorded cases, the letter arrived at the corporate Microsoft 365 address, which forwarded it to many participants at once. Due to the fact that the letter was sent directly from Apple servers, it looks legitimate and has a better chance of passing anti-spam filters. This is what makes the new scheme especially dangerous. Experts advise: if you receive a strange calendar invitation with suspicious text, especially related to payments, ignore it and under no circumstances call the numbers listed. Today we also wrote about Apple's problems with copyright holders: two American writers, Grady Hendrix and Jennifer Roberson, filed a class action lawsuit against the corporation. @ Anti-Malware