As many of you know, I am currently in Norway due to a work engagement. I arrived yesterday morning, after a day of traveling and an overnight flight. Obviously, as an iPhone and iPad user, I was making good use of free wi-fi when it was available in airports and at the hotel after my arrival.
Last night, I was also the recipient of an email that got past the Outlook.com spam and phishing filters, notifying me that my Apple ID, the ID I use with the iTunes store, the App store, etc. was being disabled because it was being accessed from a foreign IP address. There was then a link to click that would enable me to confirm my identify, using my credit card as stored in the iTunes store.
As it turns out, that was the first thing that made me suspicious, as I have never let Apple store my credit card info in the iTunes store. (I prefer to buy gift cards and redeem those instead of trusting them to hold on to my credit card info..)
But, other than that, the email was completely feasible. As I looked at it on a mobile device that doesn’t show the true link information, I couldn’t see where the link was really taking me, which was why I decided to ignore it until such a time as I could look at it on a PC. Had I been traveling without access to a PC, which would not be that uncommon, I might not have taken the time to catch that. Again, because here the email was telling me that someone from a foreign country was trying to access my iTunes account, on the very day I was using my iPad in a foreign country.
I don’t think this is a coincidence. I’ve not seen this email before. In fact, even when I check my spam, my Apple ID is not something that is commonly being phished for in email. I suspect that on one of those public wi-fi networks, someone was sniffing traffic for Apple ID’s and sending the phishing attempt based on what they would be able to capture, the ID itself. After all, it’s definitely targeted at people who are currently traveling.
Or maybe I’m more of a conspiracy theorist than I like to admit…
Have you ever been phished based on something you are actually doing right now?