What is an Email Scam?
An email scam is an attempt to trick you into giving up a piece of your personal information, or to take your money. One of the most common ways people are tricked into scams is through phishing emails.
Phishing emails will usually come from a site with a URL that is close to the original website and may even use the same name as the legitimate site. Other times, they will come from a very similar-looking email address. It's important to note that phishing emails are not always sent by scammers; sometimes companies and individuals may send these types of messages in order to get you on their mailing list, for example.
Phishing emails will almost always ask you to click on a link, or they will give you a link and tell you that it is broken. When you click on one of these links, malware may be installed on your computer without your knowledge. This could allow someone to gain access to your computer and all of the private information contained on it.
Whats is the Iforgot.apple.com Phishing Email Scam?
This email scam is based on the infamous “iForgot my Password” page. This page has a security URL that you can use to recover your password so it can't be accessed by someone else. Even though this site is technically a legitimate website, scammers will send emails to their victims which direct them to the legit iForgot page and tell them that they need help. The email they send directs users to enter their username, password, and answer two security questions in order for them to regain access.
When these emails are opened, malware is installed on the victim's computer without their knowledge or consent. In this case, iforgot will put up a fake login window with an address similar enough so as to fool the victim. As soon as the login information is entered and submitted, their computer will be hacked by a cybercriminal who will then take over the user's device.
How Do I Avoid Falling Victim to the Iforgot.apple.com Phishing Email Scam?
There are a few important things you can do to avoid falling for this scam:
Know How to Spot a Phishing Email - In almost all cases, phishers will send out emails that try to make you believe they come from someone you know or an official organization like your bank, credit card company, or even Apple. Phishing emails are typically designed in order to trick you into clicking on a link or giving out personal information about yourself. If you don't recognize the email, do not click on the link.
Be Fearless - If you do receive a phishing email, just delete it and forget about it. Don't worry about not being able to log on to your accounts again; just let them go and move on with your life.
If you're out of the US, be careful when clicking links sent via email. There are scammers who send emails that try to convince you to open an attachment that contains malware which can take over your computer or steal money from your account. Always check for attachments before clicking on a link within an email or following any instructions within an email (including any security information).
If you missed any security alerts or security bug checks when logging in, do not proceed until the issue has been resolved.