The email looks legitimate at first sight. It is decently written and altogether the design elements are in the proper place.
However, the scammers are most likely relying on the fact that recipients will rush to click on the links once they see that a “postcard” worth $699.99 (545 EUR) has been purchased with their credit card. Attackers hoping unsuspecting user will be more worried about their credit card information has been stolen, rather then the e-mail itself.
GFI Labs experts have investigated these fake iTunes receipts and have found 2 different malicious domains that host the BlackHole exploit kit. Both of them appear to be active.
Users are advised to be careful when receiving such emails, even if they legitimately appear to originate from Apple as the e-mail address are spoofed. Remember to always right click and copy link address!
