Apple Users Targeted with iCloud Phishing Scam

        Recently IT security researcher Mehrdad noticed Apple users reporting that they couldn’t access their iCloud accounts. He then did some social engineering but didn’t find anything until one of his clients mentioned that they had received an email from Apple several days ago. It claimed his iCloud account has been blocked and asking them to click on a link in the email.
Upon looking at the email, it seemed legit but after tracing header of the email he discovered two things:
1. The email wasn’t sent from apple
2. The link in the email body doesn’t belong to the official website of iCloud and redirect to somewhere else!

Screenshot from the email sent by cyber criminals

➢ Sender: AppIe+iWT2XUJ@relay.skynet.be
➢ URL: www (dot) cityjoinery (dot)com/iCloud

Chrome already detected the site hosting phishing scam

This is an old trick which you may already know as “phishing” but even today it’s a growing threat and one of the most successful ways to steal someone’s data. Here is another email that Mehrdad found encouraging users to confirm that they had made a purchase from Apple