"Your online access has been blocked," says the fake email equipped with the Apple logo and color scheme.
"As part of our ongoing commitment to provide the 'Best Possible' service and protection to all our customers, we are requiring each Customer to Update their account (s) using the new SSL servers to avoid suspension of you online access. Please Update your online account (s) by clicking bellow account update."
The offered link takes the victims to a fake Apple login page, where they are asked to enter their Apple ID and password. After "signing in", the are urged to enter their full name, address, phone number, birth data, mother's maiden name, name on payments card, card number, expiry date, and security number (click on the screenshot to enlarge it):
Once all this info is submitted, the victims are redirected to the legitimate Apple website.
Needless to say, the entered information ends up in the hands of cyber crooks, who will use it to perform identity theft, card fraud, and to hijack the victims' Apple Account in order to misuse it for spamming and other nefarious activities, warns Hoax-Slayer.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.