Phishing attempt, supposedly from Apple

Discussion in 'Apple' started by David Fritzinger, May 3, 2014.

  1. Just a warning to all. I just received what appears to be a phishing
    email t)hat appeared to be (but wasn't) from Apple. The subject of the
    email is: "Important Notification", and the content is: "As we strive to
    secure your account, please be informed to upgrade to our latest
    security platform here.
    Your privacy and protection is our concern.
    Apple Support".
     
    If you go to the site by clicking "here" (no, I didn't do that-I just
    looked at the preview in Mail), you will see that they ask for all kinds
    of personal information, including your credit card number and security
    code, mother's maiden name, etc.
     
    David Fritzinger, May 3, 2014
    #1
    1. Advertisements

  2. David Fritzinger

    Guest

    David Fritzinger <> writes:

    > Just a warning to all. I just received what appears to be a phishing
    > email t)hat appeared to be (but wasn't) from Apple. The subject of the
    > email is: "Important Notification", and the content is: "As we strive to
    > secure your account, please be informed to upgrade to our latest
    > security platform here.
    > Your privacy and protection is our concern.
    > Apple Support".
    >  


    Beware of people writing in English that obviously don't know it well.

    > If you go to the site by clicking "here" (no, I didn't do that-I just
    > looked at the preview in Mail), you will see that they ask for all kinds
    > of personal information, including your credit card number and security
    > code, mother's maiden name, etc.


    And, feel free to enter bogus/insulting/etc data here. Heh.

    Billy Y..
    --
    sub #'9+1 ,r0 ; convert ascii byte
    add #9.+1 ,r0 ; to an integer
    bcc 20$ ; not a number
     
    , May 3, 2014
    #2
    1. Advertisements

  3. David Fritzinger

    Alan Browne Guest

    On 2014.05.03, 13:59 , David Fritzinger wrote:
    > Just a warning to all. I just received what appears to be a phishing
    > email t)hat appeared to be (but wasn't) from Apple. The subject of the
    > email is: "Important Notification", and the content is: "As we strive to
    > secure your account, please be informed to upgrade to our latest
    > security platform here.
    > Your privacy and protection is our concern.
    > Apple Support".


    I get 2 or 3 per day of these. They come in English, French, German,
    Italian, Spanish and various eastern European languages. I open the odd
    one for potential entertainment (filling the fields with comments about
    their mother and so in occasionally therapeutic).

    Mainly I ignore and delete them.

    --
    "Big data can reduce anything to a single number,
    but you shouldn’t be fooled by the appearance of exactitude."
    -Gary Marcus and Ernest Davis, NYT, 2014.04.07
     
    Alan Browne, May 3, 2014
    #3
  4. David Fritzinger

    Alan Browne Guest

    On 2014.05.03, 15:23 , wrote:

    >
    > And, feel free to enter bogus/insulting/etc data here. Heh.


    I do that manually on occasion when sufficiently moved - but perhaps I
    need to set up an autofill to do it.

    --
    "Big data can reduce anything to a single number,
    but you shouldn’t be fooled by the appearance of exactitude."
    -Gary Marcus and Ernest Davis, NYT, 2014.04.07
     
    Alan Browne, May 3, 2014
    #4
  5. David Fritzinger

    Tim McNamara Guest

    On Sat, 03 May 2014 13:59:00 -0400, David Fritzinger
    <> wrote:
    > Just a warning to all. I just received what appears to be a phishing
    > email t)hat appeared to be (but wasn't) from Apple. The subject of the
    > email is: "Important Notification", and the content is: "As we strive
    > to secure your account, please be informed to upgrade to our latest
    > security platform here. Your privacy and protection is our concern.
    > Apple Support".


    So, not native English speakers then...
     
    Tim McNamara, May 3, 2014
    #5
  6. David Fritzinger

    George Kerby Guest

    On 5/3/14 12:59 PM, in article
    -september.org, "David
    Fritzinger" <> wrote:

    > Just a warning to all. I just received what appears to be a phishing
    > email t)hat appeared to be (but wasn't) from Apple. The subject of the
    > email is: "Important Notification", and the content is: "As we strive to
    > secure your account, please be informed to upgrade to our latest
    > security platform here.
    > Your privacy and protection is our concern.
    > Apple Support".
    >  
    > If you go to the site by clicking "here" (no, I didn't do that-I just
    > looked at the preview in Mail), you will see that they ask for all kinds
    > of personal information, including your credit card number and security
    > code, mother's maiden name, etc.


    Yep, I got the same damn thing. Promptly marked it a s-h-i-t and went on my
    way.

    If they don't have my name, f--k em...
     
    George Kerby, May 3, 2014
    #6
  7. David Fritzinger

    JF Mezei Guest

    On 14-05-03 13:59, David Fritzinger wrote:
    > Just a warning to all. I just received what appears to be a phishing
    > email t)hat appeared to be (but wasn't) from Apple.


    Nobody should be using a email client that displays HTML as HTML, and
    doesn't have a "view source" option.

    "view source" is the best way to see if an email is legit or not. (the
    "Received from" headers provide very good information. An Apple email
    doesn't come from aol for instance),
     
    JF Mezei, May 4, 2014
    #7
  8. David Fritzinger

    Your Name Guest

    In article <53657752$0$47947$c3e8da3$>, JF
    Mezei <> wrote:
    > On 14-05-03 13:59, David Fritzinger wrote:
    > >
    > > Just a warning to all. I just received what appears to be a phishing
    > > email t)hat appeared to be (but wasn't) from Apple.

    >
    > Nobody should be using a email client that displays HTML as HTML, and
    > doesn't have a "view source" option.
    >
    > "view source" is the best way to see if an email is legit or not. (the
    > "Received from" headers provide very good information. An Apple email
    > doesn't come from aol for instance),


    Hovering the mouse over the link in many applications will also display
    the real address from the source code. That's usually enough to tell
    you it's a fake. Even if it doesn't say something completely obvious
    like "astrohackers.com", it will usually try hopelessley to hide the
    fact with something silly like apple.xyz.ru.

    The problem can be legitimate links in email newsletters generated by
    places like MailChimp. These often use coded links which then
    auto-redirect - the coded link is used by the sender's MailChimp
    account for statiscal purposes to see how many people clicked the link.
     
    Your Name, May 4, 2014
    #8
  9. David Fritzinger

    George Kerby Guest

    On 5/3/14 7:51 PM, in article 040520141251437417%, "Your
    Name" <> wrote:

    > In article <53657752$0$47947$c3e8da3$>, JF
    > Mezei <> wrote:
    >> On 14-05-03 13:59, David Fritzinger wrote:
    >>>
    >>> Just a warning to all. I just received what appears to be a phishing
    >>> email t)hat appeared to be (but wasn't) from Apple.

    >>
    >> Nobody should be using a email client that displays HTML as HTML, and
    >> doesn't have a "view source" option.
    >>
    >> "view source" is the best way to see if an email is legit or not. (the
    >> "Received from" headers provide very good information. An Apple email
    >> doesn't come from aol for instance),

    >
    > Hovering the mouse over the link in many applications will also display
    > the real address from the source code. That's usually enough to tell
    > you it's a fake. Even if it doesn't say something completely obvious
    > like "astrohackers.com", it will usually try hopelessley to hide the
    > fact with something silly like apple.xyz.ru.
    >
    > The problem can be legitimate links in email newsletters generated by
    > places like MailChimp. These often use coded links which then
    > auto-redirect - the coded link is used by the sender's MailChimp
    > account for statiscal purposes to see how many people clicked the link.


    "Apple <>" was the bullshit address in this case.
     
    George Kerby, May 4, 2014
    #9
  10. David Fritzinger

    Paul Sture Guest

    On 2014-05-03, JF Mezei <> wrote:
    > On 14-05-03 13:59, David Fritzinger wrote:
    >> Just a warning to all. I just received what appears to be a phishing
    >> email t)hat appeared to be (but wasn't) from Apple.

    >
    > Nobody should be using a email client that displays HTML as HTML, and
    > doesn't have a "view source" option.
    >
    > "view source" is the best way to see if an email is legit or not. (the
    > "Received from" headers provide very good information. An Apple email
    > doesn't come from aol for instance),


    Agreed that an Apple email doesn't come from aol, but with all this cloud
    stuff, some mails from large companies are coming from domains that aren't
    the ones you would expect. They should pay more attention to details
    like this.


    --
    Paul Sture

    The final step of #heartbleed recovery is to call your mother, and advise
    her to change her maiden name -- @gojomo
     
    Paul Sture, May 10, 2014
    #10
  11. On 2014-05-10 10:39:08 +0000, Paul Sture said:

    > On 2014-05-03, JF Mezei <> wrote:
    >> On 14-05-03 13:59, David Fritzinger wrote:
    >>> Just a warning to all. I just received what appears to be a phishing
    >>> email t)hat appeared to be (but wasn't) from Apple.

    >>
    >> Nobody should be using a email client that displays HTML as HTML, and
    >> doesn't have a "view source" option.
    >>
    >> "view source" is the best way to see if an email is legit or not. (the
    >> "Received from" headers provide very good information. An Apple email
    >> doesn't come from aol for instance),

    >
    > Agreed that an Apple email doesn't come from aol, but with all this cloud
    > stuff, some mails from large companies are coming from domains that aren't
    > the ones you would expect. They should pay more attention to details
    > like this.


    Yeah, but if you use the basic rule of "don't click in email", you
    generally don't run into issues. If I get an email from what is
    supposedly a place that might be of interest, I just go to that place
    outside of email. If it is legit, the action/info will be there, if it
    isn't then the email was bogus.

    Beats the hell out of 'viewing source' and having your eyeballs get
    tired trying to read though all the crap those phoney emails have put
    there imo.

    --
    Lloyd
     
    Lloyd E Parsons, May 10, 2014
    #11
  12. David Fritzinger

    Alan Browne Guest

    On 2014.05.10, 09:43 , Lloyd E Parsons wrote:
    > On 2014-05-10 10:39:08 +0000, Paul Sture said:
    >
    >> On 2014-05-03, JF Mezei <> wrote:
    >>> On 14-05-03 13:59, David Fritzinger wrote:
    >>>> Just a warning to all. I just received what appears to be a phishing
    >>>> email t)hat appeared to be (but wasn't) from Apple.
    >>>
    >>> Nobody should be using a email client that displays HTML as HTML, and
    >>> doesn't have a "view source" option.
    >>>
    >>> "view source" is the best way to see if an email is legit or not. (the
    >>> "Received from" headers provide very good information. An Apple email
    >>> doesn't come from aol for instance),

    >>
    >> Agreed that an Apple email doesn't come from aol, but with all this cloud
    >> stuff, some mails from large companies are coming from domains that
    >> aren't
    >> the ones you would expect. They should pay more attention to details
    >> like this.

    >
    > Yeah, but if you use the basic rule of "don't click in email", you
    > generally don't run into issues. If I get an email from what is
    > supposedly a place that might be of interest, I just go to that place
    > outside of email. If it is legit, the action/info will be there, if it
    > isn't then the email was bogus.


    Yep. Though on some obvious phishes I can't resist checking out the
    link. Very often Chrome flags it as a phish in any case.

    --
    "Big data can reduce anything to a single number,
    but you shouldn’t be fooled by the appearance of exactitude."
    -Gary Marcus and Ernest Davis, NYT, 2014.04.07
     
    Alan Browne, May 10, 2014
    #12
  13. David Fritzinger

    Tim Streater Guest

    In article <>, Paul Sture
    <> wrote:

    > On 2014-05-03, JF Mezei <> wrote:
    > > On 14-05-03 13:59, David Fritzinger wrote:
    > >> Just a warning to all. I just received what appears to be a phishing
    > >> email t)hat appeared to be (but wasn't) from Apple.

    > >
    > > Nobody should be using a email client that displays HTML as HTML, and
    > > doesn't have a "view source" option.
    > >
    > > "view source" is the best way to see if an email is legit or not. (the
    > > "Received from" headers provide very good information. An Apple email
    > > doesn't come from aol for instance),

    >
    > Agreed that an Apple email doesn't come from aol, but with all this cloud
    > stuff, some mails from large companies are coming from domains that aren't
    > the ones you would expect. They should pay more attention to details
    > like this.


    This is why, in my email client, I specifically implemented phishing
    tooltips: hover the mouse over a supposed URL and get a tip telling you
    where you will *actually* go if you click it.

    --
    "Once you adopt the unix paradigm, the variants cease to be a problem - you
    bitch, of course, but that's because bitching is fun, unlike M$ OS's, where
    bitching is required to keep your head from exploding." - S Stremler in afc
     
    Tim Streater, May 11, 2014
    #13
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vince McGowan

    Phishing

    Vince McGowan, Jun 15, 2004, in forum: Dell
    Replies:
    0
    Views:
    512
    Vince McGowan
    Jun 15, 2004
  2. Melandre
    Replies:
    4
    Views:
    980
  3. Bob Levine

    Re: OT: How to combat Phishing

    Bob Levine, Aug 9, 2008, in forum: Dell
    Replies:
    0
    Views:
    414
    Bob Levine
    Aug 9, 2008
  4. Colin Wilson

    Re: OT: How to combat Phishing

    Colin Wilson, Aug 9, 2008, in forum: Dell
    Replies:
    0
    Views:
    377
    Colin Wilson
    Aug 9, 2008
  5. Colin Wilson

    Re: OT: How to combat Phishing

    Colin Wilson, Aug 9, 2008, in forum: Dell
    Replies:
    0
    Views:
    377
    Colin Wilson
    Aug 9, 2008
  6. AirRaid
    Replies:
    0
    Views:
    875
    AirRaid
    Sep 30, 2008
  7. AirRaid
    Replies:
    0
    Views:
    617
    AirRaid
    Sep 30, 2008
  8. Michelle Steiner

    Strange Phishing attempt

    Michelle Steiner, Oct 18, 2013, in forum: Apple
    Replies:
    16
    Views:
    351
    David Ritz
    Oct 20, 2013
Loading...