An extremely convincing iCloud phishing scam site has surfaced. The site uses the URL http://signinicloud.com (DON’T visit it!) and looks and feels just like Apple’s existing https://appleid.apple.com website.
Victims are invited to visit the site via a fake SMS/iMessage received in their iPhone, such as that shown above, and subsequently invited to input a range of personal details – including credit card number.
Inputting any username and password to login to the phishing site – even something like firstname.lastname@example.org and password – returns a message that the account is locked. The user is then invited to input everything from credit card number, to home address, and security questions such as mother’s maiden name and driver’s license.
Looking-up WHOIS details for the website – that is, the individual who registered it – shows that it was registered by Launchpad, Inc. (HostGator), seemingly for somebody in Nobby Beach, Queensland, Australia. However any further details are hidden behind the privacyprotect.org scheme, that aims to provide privacy for domain registrants.
Take a look at the screenshots below to see how sophisticated this scam is. All are taken from the phishing site. Of course, warn all your friends, family and colleagues.