App Developer Password Scam
How the scam works:
There are many app developers out there and this scam relates directly to their livelihood, so if you aren’t an app developer but you know one, please pass this information along to them.
App developers are receiving emails from the Apple website for developers, giving the recipient a heads up on this scam aimed at getting developers’ passwords. These scammers took advantage of an actual situation that recently occurred. The site was down for an extended period last month to – ironically enough – secure the site further due to an attempted security breach.
These phishing emails initially look legitimate but a closer scrutiny reveals grammatical errors, a fake domain name in the address and a missing capital “A” in Apple. All of these things taken together verify that this is not a real communication from the company but a cheap attempt to steal personal information such as login ID and passwords. However, these scammers are banking on the fact that users will be sufficiently freaked out by the content of the email that they will not bother to look for these scam identifiers.
The bogus email states that the developer needs to “verify” their account on the developer website, as they’ve been “locked out”. The email is so bold as to even advise developers that they need this information to keep “fraudsters” from infiltrating their accounts! The email then leads one to click on a confirmation link; clicking this link will take you to the page to “confirm” your information, but could also contain malware.
How to avoid:
No matter how concerned you are about being able to gain access to a site you use regularly, make sure you read any communication regarding your account. Look for grammatical errors, misspellings, letters that should be capitalized that are not, domain names being different than the legitimate domain name and other things of this nature. These are all hallmarks of scammers. Another thing to watch for is any email that requires you to click on a link. Unless you are 100% certain of the source of the email, never click on a link. You will most likely wind up with malware on your computer, as well as giving phishers full access to your account, including your financial information – which is exactly as they planned.
Make your friends and family aware of this scam by sharing it, using the buttons provided.