The Pennsylvania State Police is warning residents of an Apple ID phishing scam.
"Phishing" is the attempt to acquire information such as usernames, passwords and credit card information by disguising electronic communications to appear as if they are from a trusted source.
It often involves a request to access a web page which can then install malware on the victim's device or "spoofing," which are emails that appear to be from a trusted source and attempt to gain the victim's trust and convince them to provide personal information, including credit card numbers and bank account information.
Legitimate companies will not request login or financial finance information by email, and residents shouldn't share that information with anyone.
Users may receive an email that appears to be from Apple, warning the recipient that their Apple ID has been temporarily suspended because an attempt to sign into the account was made from an unfamiliar IP address, and instructing the recipient to re-affirm their identity by following a link to a remote site, which collects the recipient's information. Anyone who may have fallen prey to such a scam is urged to immediately change their Apple password.
Signs that an email may be a phishing scam include:
* Misspelled words and poor grammar.
* Links that are a string of numbers instead of words; to check a link, hover over it with the mouse, but don't click.
* Threats that security has been compromised or an account will be suspended.
To minimize the chance of becoming a phishing victim, set email to auto-filter spam; install anti-virus software and keep it updated; install a firewall, set it to the highest level and keep it updated; don't open mail from unfamiliar addresses; don't click on email attachments that end with the extension ".exe," which are executable files that, once downloaded, can make changes to devices; if a link goes to a webpage requiring login, don't login; require emails from IT or help desk personnel to always have a name and contact number; and, if a "single sign-on" system is used, use additional, different passwords to access personal information.