Feeds:
Posts
Comments

Archive for May 1st, 2018

by Tom Nelson

The Mac App Store was supposed to be the place to find and purchase apps for a Mac without having to worry whether the seller, developer, or some other third-party had somehow tampered with the app for nefarious purposes. You also weren’t supposed to need to worry about the download sites being full of ads that could contain malware, ransomware, or other worrisome possibilities.

For the most part, the Mac App Store, along with the other Apple app stores, has lived up to this expectation of being a place where malware and deceptive practices don’t exist. For the most part…

Unfortunately, it’s still advisable to make use of the various stores with caution; not so much about the worry of malware being embedded within an app, though it may happen once in a while, but of scammers trying to acquire personal information by using the Apple stores as bait.

Email Scams Using the App Store as Bait
I just got an email phishing scam this week that pretended to be from Apple, warning me about a purchase I made on the Mac App Store that wasn’t made by a device that Apple recognized. I should, according to this email, use the included link and log in to a special section of the Mac App Store, where I would be asked to verify or cancel the purchase.

The Mac App Store has a reputation as a safe place to purchase Mac apps from, but that doesn’t stop scammers from using the Mac App Store as bait in phishing schemes. Screen shot © Coyote Moon, Inc.

What a load of hooey. This email had scam written all over it. Besides its use of long run-on sentences and other grammar faux pas, there were a number of other indicators that can be spotted in most of these email phishing expeditions. Apple even has a guide to help you identify legitimate emails from the App Store.

Another phishing scam making the rounds involves receiving a confirmation note about a subscription you purchased in one of the Apple stores. The text of these subscription scams all start by confirming a free trial subscription to a service, and notifying you that once the free trial is over, the monthly cost is an absurdly high amount. One current example is a subscription to YouTube Red, at a monthly cost of $144.99. The purpose of this type of scam is to get you to click on the Cancel Subscription link included in the email. Doing so will take you to a site where you’ll be asked to provide your Apple ID or credit card info, or both. Of course, there never was a subscription to the service, but playing on the fear of being billed will lead some people to click that cancel link.

Read more on Rocket Yard, The MacSales.com Blog

Advertisements

Read Full Post »