Apple seem to have leaked iCloud email addresses?

[Weaselboy]

Quote:

Originally Posted by hippiechickadee

What does sending them to our junk box do? Does it cause anymore (from that email address) to go right to junk?

Yes, but I notice sometimes it takes couple messages to train the filter.

Quote:

Originally Posted by hippiechickadee

Someone else asked if there is some setting to receive emails only from people we know. Is that possible?

You could make a Mail rule like this.

[hippiechickadee]

Quote:

Originally Posted by Weaselboy

Yes, but I notice sometimes it takes couple messages to train the filter.



You could make a Mail rule like this.

Image

Thank you!!! This was just what I was looking for.

I have not gotten any spam in 2 days *gasp* is it fixed?

[macbookairman]

Quote:

Originally Posted by hippiechickadee

Thank you!!! This was just what I was looking for.

I have not gotten any spam in 2 days *gasp* is it fixed?

Same with me, none in the past two days. I sure hope this isn't just a temporary lull.

[rmwebs]

Also been recieving these spam messages.

For what its worth, I never, EVER use my iCloud address and have never given the address out (or one that would be considered similar but with another provider).

Whatever the leak is (if any) its internal or app based, not someone pulling the addresses off some list, or crawling the web for them.

Either Apple have/had a security flaw (highly possible, and they would never, EVER admit to it) or someone's getting very lucky with a random dictionary attack.

[KiKiVon]

More spam today this time from kickstartingblog.com -- and the domain again is owned by Game Content Distribution Networks LLC - however today I did a little more research. It appears Game Content Distribution Networks LLC is owned by loan-closers.com - I looked up Game Content Distribution Networks on the Wyoming Sec'y of State site and cross referencing the exact address.

https://wyobiz.wy.gov/Business/Filin...92012207233028

http://www.la.bbb.org/business-revie...jo-CA-13133858

Principal Office: 25909 Pala Suite 315
Mission Viejo, CA 92691 USA

Which turns out is a CA address that resolves to loan-closers office.

At some point someone else, with some authority to do something, has to be smart enough to trace this right?

Also I found this article: http://www.redorbit.com/news/technol...issues-010213/

[hippiechickadee]

More spam today- it was too good to be true.

kickstartingblog.com

[Kurwenal]

Same here -- three messages all at once. I guess the fact that it wasn't ten, like before is progress.

Meanwhile, my Gmail account continues a nearly perfect record of spam detection.

[macbookairman]

Quote:

Originally Posted by KiKiVon

More spam today this time from kickstartingblog.com -- and the domain again is owned by Game Content Distribution Networks LLC - however today I did a little more research. It appears Game Content Distribution Networks LLC is owned by loan-closers.com - I looked up Game Content Distribution Networks on the Wyoming Sec'y of State site and cross referencing the exact address.

https://wyobiz.wy.gov/Business/Filin...92012207233028

http://www.la.bbb.org/business-revie...jo-CA-13133858

Principal Office: 25909 Pala Suite 315
Mission Viejo, CA 92691 USA

Which turns out is a CA address that resolves to loan-closers office.

At some point someone else, with some authority to do something, has to be smart enough to trace this right?

Also I found this article: http://www.redorbit.com/news/technol...issues-010213/

Nice work. I see their website lists a 24/hours emergency cell phone contact. I'm a bit tempted to call and see if I can get any info out of them. Although I'm sure even if they were involved, they'd just deny it.

[hippiechickadee]

Quote:

Originally Posted by macbookairman

Nice work. I see their website lists a 24/hours emergency cell phone contact. I'm a bit tempted to call and see if I can get any info out of them. Although I'm sure even if they were involved, they'd just deny it.

I would LOVE it if you did! Report back if you decide to!

[Anonymous Freak]

I get obvious dictionary attacks on my domain on a regular basis. I see identical messages going to "a@", "aa@", "ab@", etc. Some times the dictionary attacks are more selective, using what are obviously prefixes drawn from other sources (so even though I use acertainprefix@gmail.com and acertainprefix@me.com, I do *NOT* use that name at my own domain. Yet I occasionally get spam sent to it.)

Likewise, I have gotten phishing attempts to my address at one common-webmail-provider that the account it is trying to phish me on uses the address at another common webmail provider. (So for example if my PayPal is linked to @yahoo.com, I'll get a phishing attempt for my proper address, only @gmail.com.)

[Ibjr]

Got hit today, just now, again. Very annoying that there is no way to send it to the icloud spam address without loading the images on an iOS device.

[KiKiVon]

So we've all gotten hit again - this time by hijkale890.com -- however these email addresses appear to be spoofed. If you look at the long headers the emails are actually coming from simplykarate.com and that domain conveniently has a private domain registration:

Registration Service Provided By: Namecheap.com
Contact: @namecheap.com
Visit: http://namecheap.com

Domain name: simplykarate.com

Registrant Contact:
WhoisGuard
WhoisGuard Protected ()

Fax:
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Administrative Contact:
WhoisGuard
WhoisGuard Protected (@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Technical Contact:
WhoisGuard
WhoisGuard Protected (@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Status: Locked

Name Servers:
ns1.bsanetworks.com
ns2.bsanetworks.com

Creation date: 21 Dec 2012 01:15:00
Expiration date: 20 Dec 2013 17:15:00

[parseckadet]

Just adding my name to chorus of those who are being affected by this since the November-ish time frame. I've gotten periodic spam at my address in the past, on a @mac.com address I've had for 12 years now (back when iTools was free the first time). I was nearly frustrated enough to move to gmail before all of this; now I've got one foot hanging off the cliff, about to take the leap.

Apple's spam solution for nearly a decade now has been to heavily rely on client side filtering. My OS X client catches most of these messages as spam, since its been trained pretty well now. The problem is, I primarily use Windows at work while my Mac is at home sleeping.

The thing is, I don't think Apple really sees spam filtering as a priority. I'm sure they see email as a failed business ever since the downfall of .Mac. If that weren't the case, you can be sure they would push their email service much harder than they currently do. It's quite easy to sign up for iCloud while using a non-Apple address. If they were really serious about email services, I don't believe they would allow that.

[Kurwenal]

I'm in the same boat. Since November, I will go 1-2 days with no spam, and then, whammo, in the space of a few seconds I get 4 or 10 or 15. I am mostly an iOS user, and I have not found a way using the Mail app in iOS to forward the emails to spam@me.com as an attachment. I kept my Google account and I'll give Apple some time to address this before I switch, but I wish we had even a "yah we are working on it" note from them. It is not apparent that they are. If they improve, great, I'll stay with iCloud mail. If they do not improve, either because they cannot or will not, then I'll go back to Gmail.

Question: if I set up rules on iCloud.com, do those rules run before the email is sent to my iPad or iPhone?

[hippiechickadee]

Quote:

Originally Posted by Kurwenal

I'm in the same boat. Since November, I will go 1-2 days with no spam, and then, whammo, in the space of a few seconds I get 4 or 10 or 15. I am mostly an iOS user, and I have not found a way using the Mail app in iOS to forward the emails to spam@me.com as an attachment. I kept my Google account and I'll give Apple some time to address this before I switch, but I wish we had even a "yah we are working on it" note from them. It is not apparent that they are. If they improve, great, I'll stay with iCloud mail. If they do not improve, either because they cannot or will not, then I'll go back to Gmail.

Question: if I set up rules on iCloud.com, do those rules run before the email is sent to my iPad or iPhone?

great question! i'd like to know this as well!

[Weaselboy]

Quote:

Originally Posted by Kurwenal

Question: if I set up rules on iCloud.com, do those rules run before the email is sent to my iPad or iPhone?

Quote:

Originally Posted by hippiechickadee

great question! i'd like to know this as well!

Yes, they do.

[maxosx]

Quote:

Originally Posted by phatboytim

I have had an @me.com email address for about 3 years.

In the last week, I have started receiving SPAM in this account.

I have never ever used the account to email anyone, and have never signed up to anything with it. The only emails it has ever received is marketing from Apple, until a week ago.

So it seems that Apple have accidentally (or not?) leaked my email address to Spammers.

Has anyone else noticed any such activity?

Tim

My situation is exactly the same. 3 yrs with @me sitting idle unused by me. Suddenly it's chock full of spam. Perhaps Apple's not as perfect & secure as many would like to believe

[Weaselboy]

Quote:

Originally Posted by maxosx

My situation is exactly the same. 3 yrs with @me sitting idle unused by me. Suddenly it's chock full of spam. Perhaps Apple's not as perfect & secure as many would like to believe

I don't claim to have any evidence either way on this, but I am more inclined to believe it is somebody who is just stringing together random emails @icloud.com and bombing them out. The ones that don't bounce are good and away you go.

[Kurwenal]

Quote:

Originally Posted by Weaselboy

Yes, they do.

Thank you. I'll give that a try.

[Polydactyl]

Unfortunately, the iCloud rules are much more limited than mail.app.

I've noticed that all these spammers have the habit of putting your email address in the Return-Path field in the email header in the format youraddress=me.com (assuming your address is youraddress@me.com)

I created a custom filter (in mail.app) for this and it works pretty well, assuming my iMac is awake. If I could put a custom rule like this in iCloud, it would be ideal.

[Warbrain]

Seems to have slowed down a bit. I've noticed less in my Gmail spam but there's still some slipping through.

[mentaluproar]

As annoying as this is, I'm curious what the end result of this will be.

[Kurwenal]

Quote:

Originally Posted by Polydactyl

Unfortunately, the iCloud rules are much more limited than mail.app.

I've noticed that all these spammers have the habit of putting your email address in the Return-Path field in the email header in the format youraddress=me.com (assuming your address is youraddress@me.com)

I created a custom filter (in mail.app) for this and it works pretty well, assuming my iMac is awake. If I could put a custom rule like this in iCloud, it would be ideal.

Very helpful suggestion. Thank you.

[portishead]

Seems to have slowed down. I've only had 1 spam since 1/4, but it was only 1.

[mentaluproar]

So much fail.