Intego posted an alert on the scam earlier this week, noting that the first emails appeared to have gone out on or around Christmas day. The phishing email purports to come from "firstname.lastname@example.org" and informs recipients that their billing information records are "out of date."
Customers are directed to click on a link to http://store.apple.com, but they are instead redirected to a "realistic-looking sign-in page," according to the security firm's report.
Though phishing scams targeting Apple customers are by no means new, this particular scam has attracted attention because it is unusually detailed in its efforts to deceive. The email makes use of the Apple logo and shading and employs better formatting than similar frauds in the past.
As a precautionary measure, users should remember not to click directly on links from email messages and instead navigate to the website in question on their own.
Phishing email seeking AppleID billing information. Credit: Intego.
In August, scammers set out to trick Apple's MobileMe subscribers into upgrading to the then-forthcoming iCloud service. Around the Thanksgiving holiday, another scam cropped up falsely advertising an iTunes gift certificate that was actually malware meant to pilfer passwords and other personal information.
Mac users were also the target of an elaborate hoax involving fake anti-virus software, usually dubbed MacDefender, earlier this year. The application would automatically download itself onto users' computers in an attempt to obtain their credit card information. Russian police later found evidence tying the scam to online payment service Chronopay.