email phishing?

Discussion in 'Community Discussion' started by jbarley, May 16, 2019.

  1. jbarley macrumors 68040

    jbarley

    Joined:
    Jul 1, 2006
    Location:
    Vancouver Island
    #1
    Found this in my inbox this morning, looks pretty dicey to me so I sent it on to Apple report phishing and then deleted it.
    BTW, I don't even use iTunes.

    Screen Shot 2019-05-16 at 10.17.30 AM.png
     
  2. lparsons21 macrumors 6502

    lparsons21

    Joined:
    Jun 3, 2014
    Location:
    Southern Illinois
    #2
    No doubt it’s phishing. But the dummies didn’t really try to hid that they aren’t Apple at all.
     
  3. SkipperRi, May 16, 2019
    Last edited: May 16, 2019

    SkipperRi macrumors regular

    SkipperRi

    Joined:
    Jul 11, 2015
    Location:
    Rijeka, Croatia
    #3
    It’s enough to see e-mail from which message is sent and everything is clear - pure phishing.
     
  4. willmtaylor macrumors G3

    willmtaylor

    Joined:
    Oct 31, 2009
    Location:
    A Natural State
    #4
    There isn’t one single part of that email that even remotely resembles legitimacy.
     
  5. nouveau_redneck macrumors 6502

    nouveau_redneck

    Joined:
    Sep 16, 2017
    #5
    Some phishing campaigns are conducted with zero knowledge and thus are just spammed out with the hope of connecting to something the recipient does or a product the recipient uses. These are often very crude, and the example you posted is definitely a crude attempt. The sender did not even spoof the email address in the header information.

    It's the intelligent, pinpointed, phishing campaigns that often cause the most damage. They often use stolen or cracked information to gain prior knowledge of the recipient, and thus intelligently target victims. Recently Microsoft had a large number of Outlook email headers along with subject lines stolen. Although the message bodies were not included in the Microsoft breach, the subject lines in themselves are enough to know what businesses a user is associated with in order to deploy phishing attempts that would be far more likely in succeeding.

    The best policy to stay safe from phishing attempts is to never directly click on a link in emails, unless you are 100% confident in it. To be safe, it is recommended to not even click on links from entities you do business with, especially ones that are popular like PayPal, unless you initiated an action and are expecting the message. Be safe.
     
  6. Huntn macrumors P6

    Huntn

    Joined:
    May 5, 2008
    Location:
    The Misty Mountains
    #6
    If I was told my password was disabled, I’d go right to Apple and sign in, to see if I could before anything else. It may help that I hardly ever look at my email any more. ;)
     
  7. Sword86 macrumors regular

    Joined:
    Oct 6, 2012
    #7
    Dead give away for me is sincerely spelled incorrectly. S
     
  8. Zenithal macrumors 604

    Joined:
    Sep 10, 2009
    #8
    That and the strange sentence structure. Putting aside proper grammar, it doesn't read correctly when read out loud.
     
  9. HDFan macrumors 65816

    Joined:
    Jun 30, 2007
    #9
    Another thing that you can do in mail is to select View/Message/Show all headers to see the source IP address of the mail:

    Received: ⁨from 127.0.0.1 (EHLO ebays.com) (106.78.222.58) by mta4247.mail.gq1.yahoo.com with SMTP; Wed, 22 Nov 2017 00:53:11 +0000⁩

    Made up example, but often you will see the originating server has nothing to to with Apple, eBay, or whatever. You have to be careful though since the source can almost match the correct source (ebays.com rather than eBay.com). I have seen this used in the past.
     
  10. chown33, May 18, 2019
    Last edited: May 18, 2019

    chown33 macrumors 604

    Joined:
    Aug 9, 2009
    Location:
    betwixt
    #10
    I see that simply as more confirmation. There are other mistakes that add to that.

    The first dead giveaway was the domain: @Support.com. There's no possible way that Apple would be sending you a legitimate email with that domain.

    It's almost a parody for "How to Fail at Phishing", although I have no doubt that some people did click the button.
     

Share This Page

9 May 16, 2019