New Apple ID Phishing Effort Compromises Over 100 Sites

Discussion in 'MacRumors.com News Discussion' started by MacRumors, May 1, 2013.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    As highlighted by The Next Web, security firm Trend Micro yesterday outlined a new phishing scam that has seen the perpetrators compromise over 100 sites in their attempts to gain access to users' Apple ID accounts. While Apple IDs are relatively popular targets for phishing scams, Trend Micro's analysis offers some interesting detail on the approaches used by the criminals.
    Trend Micro's sample of a spam message designed to trick recipients into sharing their account information at the compromised sites shows a very poor attempt at copying Apple's email style, but inexperienced Internet users are undoubtedly still falling for the scheme.

    [​IMG]
    Trend Micro offers a number of suggestions to help users protect themselves from phishing scams, including checking for consistent domains throughout email addresses and links included in an email and checking for indicators that the user is at a secure site associated with the correct company.

    While phishing scams rely on the gullibility of users to direct them to fake account management sites, Apple has sought to increase account security on its own site with its recent introduction of two-step verification to help minimize the possibility of an unauthorized party gaining access to a user's account. That feature is, however, only available in a handful of countries for the time being.

    Article Link: New Apple ID Phishing Effort Compromises Over 100 Sites
     
  2. Kaibelf macrumors 65816

    Kaibelf

    Joined:
    Apr 29, 2009
    Location:
    Chicago, IL
    #2
    Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt. By the way "inexperienced internet users" is irrelevant. The broken English and crazy wording should have been enough of a tip to ANY sensible person.
     
  3. macnerd93 macrumors 6502a

    macnerd93

    Joined:
    Nov 28, 2009
    Location:
    United Kingdom
    #3
    that has to be the most unApple looking email ever. What was it made in MS paint? It would have looked legit in about 1997 LOL. Apart from the bad wording LOL
     
  4. WestonHarvey1 macrumors 68020

    Joined:
    Jan 9, 2007
  5. Creep89 macrumors regular

    Joined:
    Mar 9, 2012
    #5
    Yay, better enter my Apple ID.
     
  6. edolecki macrumors newbie

    edolecki

    Joined:
    Mar 16, 2009
    #6
    These things mostly seem to have really terrible grammar. So easy to spot I would think.
     
  7. Xavier macrumors 68020

    Joined:
    Mar 23, 2006
    Location:
    Columbus
    #7
    Read before you click? I mean, come on, seriously?
     
  8. MonkeySee.... macrumors 68040

    MonkeySee....

    Joined:
    Sep 24, 2010
    Location:
    UK
    #8
    If any of you fall for that email, raise your hand and hit yourself with it.
     
  9. Frign macrumors member

    Joined:
    Aug 19, 2011
    #9
    It is bloody hilarious that the Apple-Logo not even has the right aspect ratio, let alone proper use of upper- and lowercase.

    For reference: :apple:

    Who falls for this?
     
  10. andalusia macrumors 68030

    andalusia

    Joined:
    Apr 10, 2009
    Location:
    Manchester, UK
    #10
    I've received this before. I cannot believe anybody could fall for it. It's such a pathetic attempt to look official... well I guess they all are. People are numpties.
     
  11. jafingi macrumors 65816

    jafingi

    Joined:
    Apr 3, 2009
    Location:
    Denmark
    #11
    Yeah that looks legit!

    Hahahahaha, it's so hilarious with that Apple logo aspect ratio :D

    The guys who send these should have used 10 minutes to just create a legit e-mail.
     
  12. narimonk macrumors regular

    narimonk

    Joined:
    Jul 15, 2010
    Location:
    Sacramento, CA
    #12
    You'd really think the fact that the very first word isn't capitalized would make it obvious.
     
  13. Laird Knox macrumors 65816

    Joined:
    Jun 18, 2010
    #13
    That email true is. They fix helped me my Loging correctly. You should send infos by next 48 hours!
     
  14. Waxhead138 macrumors 6502

    Joined:
    May 18, 2012
    #14
    I Disagree Completely!


    Oh come on people, of course this is real....I'd answer an email from Yoda's retarded cousin any day of the week and give them whatever they ask for!
     
  15. dXTC macrumors 68020

    dXTC

    Joined:
    Oct 30, 2006
    Location:
    Up, up in my studio, studio
    #15
    "...otherwise your session using Apple id and password."

    Otherwise your session using Apple id and password what? Wow, you'd think the criminals trying to phish here would use at least somewhat complete sentences.

    On the other hand, anyone saying that this is oh-so-easy to spot might just be overestimating the IQ of some e-mail users. There are people who still fall for the Nigerian scams.
     
  16. See Flat macrumors member

    Joined:
    Oct 24, 2007
    #16
    It's a test of Darwin's law.

    "Why you email he sent?"

    Time to weed out people who should not have computers.
     
  17. Kaibelf macrumors 65816

    Kaibelf

    Joined:
    Apr 29, 2009
    Location:
    Chicago, IL
    #17
  18. madsci954 macrumors 68030

    Joined:
    Oct 14, 2011
    Location:
    Ohio
  19. ryansimmons323 macrumors regular

    Joined:
    Oct 5, 2011
    #19
    When you try to pull off a scam like this, use at least good spelling and grammar!!
     
  20. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #20
    I don't understand what this means. :confused:

    Anyone care to enlighten me?
     
  21. ravenstar macrumors member

    Joined:
    Jan 12, 2005
    #21
    You know, lately I've seen so many poorly worded spams, that I wonder if it's not intentional? Are the spammers trying to get people to feel so gullible for falling for such obviously bogus messages that they won't dare complain about being swindled? Can you imagine going to the authorities and saying you received this message so you entered all your personal information and it was stolen?
     
  22. Digital Dude macrumors 6502

    Digital Dude

    Joined:
    Oct 12, 2008
    Location:
    Arizona where freedom still means something
    #22
    Oh, that looks totally real and legit to me! :D Only an idiot would respond to an unsolicited email like this.
    BTW, I love 1Password which authenticates whether a site is real or not before it will post your pass & I.D. No, I don't work for these guys.
     
  23. sulpfiction macrumors 68030

    sulpfiction

    Joined:
    Aug 16, 2011
    Location:
    Philadelphia Area
    #23
    Anyone who falls for this fully deserves it. C'mon now.
     
  24. burnout8488 macrumors 6502a

    Joined:
    May 8, 2011
    Location:
    Endwell, NY
  25. KPJLK macrumors member

    Joined:
    Feb 21, 2008
    #25
    There is a theory that the presentation is deliberately bad so that only the stupidest people will respond, resulting in fewer pull-outs and thus a higher success ratio from the responses. Spammers/scammers don't like their time being wasted :rolleyes:
     

Share This Page