RWW explains that the new attack redirects new Apple buyers to sign up for a phishing site that is created to look just like the real Apple sign-in page. The initial phishing email will come from appleid@id.apple.com, which is fraudulent.
Apple notes that all official Apple emails will come from an @apple.com domain and only from there.
Security firm Intego, which brought the attack to national attention, says the redirect link will take users to a numbered IP address and not an Apple URL. The sign-in page asked for personal info and credit card info tied to your Apple ID.
The attack began right after Christmas, preying on the expected surge in Apple Mac purchases.
Written by: Andre Yoskowitz @ 2 Jan 2012 21:35