Anyone notice an uptick of spam emails to iCloud?

Discussion in 'Apple Music, Apple Pay, iCloud, Apple Services' started by dictoresno, Jan 31, 2017.

Tags:
  1. dictoresno macrumors 601

    dictoresno

    Joined:
    Apr 30, 2012
    Location:
    NJ
    #1
    Lately I've been setting random spam messages to my iCloud email address from random and sometimes spoofed legitimate hosting sites. All of them had "reply to" indicators directing to an @gmx.com, @gmx.us email address.

    Also noticed that the "from" and "to" sections are usually the same spam email address. How is that possible? My email isn't even in the "to" field. Im trying to get mail to show the exact email, but can't figure it out. One email came from "@prrimus.ca" which appears to be a spoofed version of "primus.ca" email address. How can I make its real address show in mail so I can block it? You can see in the included screenshot that both "to" and "from" are the same, neither are obviously my email address.

    Ive reported them as junk by forwarding them to spam@icloud.com as apples website states and set up a filter to auto delete any emails originating from them. Still sucks that theres no block button we can just tap upon receiving junk email in iCloud.
     

    Attached Files:

  2. campyguy macrumors 68040

    Joined:
    Mar 21, 2014
    Location:
    Portland / Seattle
    #2
    I used to get 1-3 each day to my iTS/MAS-tied email account, randomly to any of the @Mac/@me/@icloud domains, and I've never given that email address out to anyone. Then, they stopped - for several weeks, ceasing on the same day the Avalanche botnet was taken down - https://en.wikipedia.org/wiki/Avalanche_(phishing_group) - but reading the press about it the feds were resigned to it picking up again in the near future. And, a couple of weeks ago, they started up again just as before - that domain, Google Notifier, FedEx, even "iCloud Messenger". Sigh…

    I'm surmising that the only place that the phishers could have sucked up my email account address was by getting them from Apple somehow as I've never used the email except for the MAS and iTS and I use a separate email for iCloud services. So, yeah, I've noticed an uptick in spam and I'd swap out another email address for my iTS/MAS purchases in a heartbeat if I could. I don't bother reporting them to Apple, once you're on a list, it's pretty much game over for that email address… :oops:
     
  3. burgman macrumors 65816

    burgman

    Joined:
    Sep 24, 2013
    #3
    Yup, same here I have a .mac address with my full name. Pisses me off that Apple has no way to change that without blowing out the account for old .mac domains.
     
  4. dictoresno thread starter macrumors 601

    dictoresno

    Joined:
    Apr 30, 2012
    Location:
    NJ
    #4
    At least include a "block" button so we can block them as they come in. Even gmail offers that.
     
  5. campyguy macrumors 68040

    Joined:
    Mar 21, 2014
    Location:
    Portland / Seattle
    #5
    Soooo, following up on this thread it seems a couple of a$$ wipes in one of my states screwed up. I saw a post on The Guardian that has some links to their sources about a huge spam database - about 1.4 billion email addresses - that was exposed in January. According to MacKeeper, one of their employees happened upon a massive database and shared it with other researchers. A related, linked-to post on SCOOnline.com shows just over 460k mac.com email addresses - along with other email providers - using illegal IP hijacking. The timing of that rsync screw up coincides with the uptick of spam, me thinks? Spamhaus.org and Salted Hash were also involved in the investigation - personal information was also in the database…

    Links:
    https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire
    http://www.csoonline.com/article/31...eir-entire-operation-through-bad-backups.html
    Embedded JPEG with partial list of compromised domains:
    http://core0.staticworld.net/images/article/2017/03/email_list_rcm-100711753-orig.jpg
    https://www.theguardian.com/technology/2017/mar/06/email-addresses-spam-leak-river-city-media

    Well, crap… :mad: My spam content has upticked even more in the past few weeks…
     
  6. dictoresno thread starter macrumors 601

    dictoresno

    Joined:
    Apr 30, 2012
    Location:
    NJ
  7. vespagirl macrumors regular

    vespagirl

    Joined:
    Jun 25, 2007
    Location:
    Connecticut
    #7
    I am getting spam at an egregious rate, all of it porn-related, which hasn't happened in the 10 years I've had this email account through Mac. It's very frustrating and it happened basically overnight.
     
  8. campyguy macrumors 68040

    Joined:
    Mar 21, 2014
    Location:
    Portland / Seattle
    #8
    There's someone out there that's a major PITA to those with mac/me/icloud domains. First one every once in a while, then a bunch every day, then nothing for weeks, and it's back to a bunch every day. Like I wrote earlier in this thread I get spam to addresses I've never used, preferring to use an alias.

    15 years ago, an employee of an investment company providing those services walked out with thousands of client records - mine was one of them; that turd was busted and went to jail. I was put on free credit monitoring, 10 years after I left that company but I still wonder who got access to my personal information. My point is that, given that I'm receiving spam at two email addresses I've never distributed to anyone ever, I'm strongly of an opinion that a disgruntled or greedy former Apple employee sold out and Apple will never 'fess up. We're not the only ones:
    https://www.reddit.com/r/apple/comments/5vf0qo/icloud_spam_emails_increased/

    and a bunch of other threads like it. Spam, the new junk mail, but for pr0n and theft. Ugh. Sadly, you're on the list now.
     
  9. Steve.P.JobsFan macrumors 6502a

    Steve.P.JobsFan

    Joined:
    Jan 27, 2010
    Location:
    Cincinnati
    #9
    I'm getting hammered with them. Not sure who's at fault, but I've gotten two alerts from "Have I Been Pwned?" in less than a week, so that definitely doesn't help.

    I've got like 40 rules applied to my iCloud email now, and that increases every week as I get new spam in my inbox that my rules or Apple's servers don't catch. :(

    Apple seriously needs to step up their spam detection game. Gmail's spam detection, I think, is among the best.
     
  10. campyguy macrumors 68040

    Joined:
    Mar 21, 2014
    Location:
    Portland / Seattle
    #10
    Troy Hunt posted this two days ago:
    https://www.troyhunt.com/password-r...other-1-billion-records-in-have-i-been-pwned/
    and he's reached out to the at-large community asking if anyone knows who is/where the source is. Lots of comments are listing MySpace, Badoo, LastFM, and others with Hunt offering in the post's body that at least 74% of the two recent leaks were already in the "Have I Been Pwned?" portal (cited from his Twitter page).

    The two iCloud addresses I use both are on Dropbox, while one is with Adobe. Yep, it's already old… :mad: I think I'm going to buy Troy a beer…
     
  11. markhort macrumors 6502a

    markhort

    Joined:
    Aug 28, 2010
    Location:
    UK
    #11
    Yeah I've noticed a big increase in spam to my @me.com address. Weird as only my family and close friends have that. Receiving them from, things like - Customer engagement, GoogleService, Gmail Team, WhatsApp Service and many more.

    A few of them have made it into my inbox, but I've been marking them as Junk, I've noticed they have started to go into my Junk folder.
     
  12. wolfie macrumors regular

    Joined:
    Apr 11, 2008
    #12
    Just want to up this. Im getting a lot more spam lately. I find it disgusting that Apple does not give the end user the power to turn off its junk filtering to a service that does, or allow us to set rules to BLOCK them from even entering our account at all.
     
  13. DotCom2 macrumors 68030

    Joined:
    Feb 22, 2009
    #13
    I never used to get spam on my iCloud.com address and recently I am getting a lot more every single day!
    Is there something I can do about it? I use the mail app from Apple on my iMac and iDevices.
     
  14. DotCom2 macrumors 68030

    Joined:
    Feb 22, 2009
    #14
    I can't believe apple hasn't done something about this.
    NOT ACCEPTABLE APPLE
     
  15. appleman1988 Suspended

    Joined:
    May 22, 2017
    #15
    So bad I've had to turn it off and remove the account on my iPhone, iPad, and Mac. It was RIDICULOUS.

    Apple needs to give us the ability to change our addy's on the fly like Microsoft's Outlook.com. Gmail should do the same. I don't want to change my Apple ID because my purchased apps and music are on it and I don't have the time or patience to putz with two different Apple ID accounts.

    In fact, I'm going to email them and ask them to let me change it. Adding an alias that redirects to the same box is NOT a solution.

    I'd like to switch back to it from Gmail, but not at this rate.

    A lot of the spam, like 75%+ is all from @Mac.com addresses. Now isn't THAT ironic! Makes me so mad. Wish there was better spam filtering and the ability to kill all @Mac.com addresses coming into my inbox. That's SUCH an old address that no one uses it, just those that carried over from iTools/.Mac/MobileMe. Otherwise, my iCloud email is staying disabled.
     
  16. WAM2 macrumors 6502a

    WAM2

    Joined:
    Jan 6, 2011
    Location:
    United States
    #16

    Report you are having issues with this on my thread in this same section called “iCloud Mail address list breach?”

    In the mean time, you can have all emails that come from an @mac.com address to the trash by going to logging into iCloud on a PC/Mac on iCloud.com then going to mail, pressing the gear in the bottom left corner, and then going to rules and making 2 new rules

    The first will be
    “Move all messages from *@mac.com to Trash”

    The Second will be
    “Move all messages from @mac.com to Trash”
     
  17. appleman1988 Suspended

    Joined:
    May 22, 2017
    #17
    Thanks.
     

Share This Page