When it comes to phishing scams Attack.Phishing , the general concept is that cyber criminals will only send Attack.Phishing a link to trick Attack.Phishing users into logging in with their social media or email credentials . But since that is an old school trick , the malicious threat actors are aiming at much more than your Facebook or Gmail password . Recently , we discovered a sophisticated phishing campaign Attack.Phishing targeting Apple users . The aim of this attack Attack.Databreach is to steal Attack.Databreach their Apple ID , credit card data , a government issued ID card , and or passport . That ’ s not all , the scam also asks users to provide it with access to their device webcam to take their snap for verification purposes . It all starts with users receiving Attack.Phishing an email in which the sender poses as Attack.Phishing one of the officials from Apple Inc . The email alerts the user that their iCloud account is on hold because of an unusual sign in activity through an unknown browser and in case they didn ’ t log in from the device mentioned in the email they need to click on a link to change the password . Those who understand how phishing scams Attack.Phishing work will know how to ignore it , but unsuspecting users may fall for it and be tricked Attack.Phishing into clicking the link and giving away their personal and financial information . Upon clicking the link users are taken Attack.Phishing to the phishing page which looks exactly like Attack.Phishing the official Apple ID login page . The users then are then asked to enter their Apple ID and its password to proceed . Once the users are logged in , they are taken to another page which asks users for their credit card details including cardholder name , card number , expiration date , CVV code and ED secure password . Upon giving this info , the users are asked to click the next tab . Remember by now the scammers have got your Apple ID login credentials and credit card information . Because criminals will remain criminals , the more you feed them the more they will ask for . Once the “ next ” tab is clicked , users are invited to enter their personal information including full name , date of birth , country , state , city , address , Zip code and phone number . This is done to use user information for further scams like identity theft and social engineering frauds . Once your personal information is handed over to the criminals , the page asks users to click the “ finish ” tab , but they aren ’ t done yet . Upon clicking the Finish tab users are taken to another page asking them to upload their password , a government issued identity card or the driver license – both sides . The users can click skip to avoid uploading their government issued documents but then they need to allow the website to access their device ’ s camera and microphone to take a snap of them . The users can also click the “ Skip ” tab , and the page will redirect them to the official Apple ID website . Good news is that Google Chrome has already detected the scam and marked the phishing domain as “ Deceptive. ” However , the bad news is that Firefox , Opera , and Safari browsers didn ’ t show any warning messages to their users therefore if you are using these browsers be vigilant .