Apple Compromised?

Discussion in 'Apple, Inc and Tech Industry' started by paulcons, Mar 2, 2018.

Tags:
  1. paulcons macrumors member

    paulcons

    Joined:
    Apr 3, 2017
    Location:
    New York City
    #1
    Got this e-mail today (yes I reported it to Apple). Generally when I see "myregisteredsite.com" in the headers, it is some form of scam. I always look at the headers when I get suspicious mail, this one was one example (using an image of the opened mail headers with my address/domain redacted). Best I can tell from this, it came fom inside Apple... can they REALLY now spoof this stuff? I find this really scary...

    apple.phish.jpg
     
  2. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #2
    It definitely did not come from Apple. The X-authenticated-sender headers make that clear, as do the sending mail servers.
     
  3. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #3
    You don't even need to look at the headers to know this is a phishing attempt.
     
  4. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #4
    Apple hasn't been compromised. Your email address got spammed with a phishing attempt.
     
  5. Darmok N Jalad macrumors 68000

    Darmok N Jalad

    Joined:
    Sep 26, 2017
    Location:
    Tanagra
    #5
    Yeah, they do make some pretty good attempts. My wife got an email that claimed that her Apple ID had been used to sign in to a new machine, when she did no such thing. It looked pretty convincing, but closer inspection revealed it to be fake. I happened to have just signed on to a new Mac that day, and we were able to compare the two emails. For reference, Apple does not appear to put any hyperlinks in their emails, but rather they tell you how to get to the proper page when going through their website.
     
  6. mw360 macrumors 65832

    mw360

    Joined:
    Aug 15, 2010
    #6
    It's always been trivial to spoof the From address. In many cases all you have to do is change your email address in your mail app.
     
  7. paulcons thread starter macrumors member

    paulcons

    Joined:
    Apr 3, 2017
    Location:
    New York City
    #7
    Normally I can look at the sending e-mail address and quickly tell it's not legit... except in this case, that originating address ended in "@apple.com" something I have never seen before in a phish attempt (see image). Never seen a legit domain appear in so many places in full headers either. Yeah, I knew it wasn't legit, think I kinda made the topic a bit sensational to catch more folks into reading it. It is true I haven't caught a phish in a few years now, clearly they are getting a lot more sophisticated.

    Screen Shot 2018-03-02 at 6.16.42 PM.jpg
     
  8. Tech198 macrumors G5

    Joined:
    Mar 21, 2011
    Location:
    Australia, Perth
    #8
    plus i don't think there is an email Apple has at
    Code:
    winnings@apple.com
     

Share This Page

7 March 2, 2018