Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
email phishing?
- Thread starter jbarley
- Start date
- Sort by reaction score
lparsons21
macrumors 6502
willmtaylor
macrumors G4
nouveau_redneck
macrumors 6502a
Some phishing campaigns are conducted with zero knowledge and thus are just spammed out with the hope of connecting to something the recipient does or a product the recipient uses. These are often very crude, and the example you posted is definitely a crude attempt. The sender did not even spoof the email address in the header information.
It's the intelligent, pinpointed, phishing campaigns that often cause the most damage. They often use stolen or cracked information to gain prior knowledge of the recipient, and thus intelligently target victims. Recently Microsoft had a large number of Outlook email headers along with subject lines stolen. Although the message bodies were not included in the Microsoft breach, the subject lines in themselves are enough to know what businesses a user is associated with in order to deploy phishing attempts that would be far more likely in succeeding.
The best policy to stay safe from phishing attempts is to never directly click on a link in emails, unless you are 100% confident in it. To be safe, it is recommended to not even click on links from entities you do business with, especially ones that are popular like PayPal, unless you initiated an action and are expecting the message. Be safe.
It's the intelligent, pinpointed, phishing campaigns that often cause the most damage. They often use stolen or cracked information to gain prior knowledge of the recipient, and thus intelligently target victims. Recently Microsoft had a large number of Outlook email headers along with subject lines stolen. Although the message bodies were not included in the Microsoft breach, the subject lines in themselves are enough to know what businesses a user is associated with in order to deploy phishing attempts that would be far more likely in succeeding.
The best policy to stay safe from phishing attempts is to never directly click on a link in emails, unless you are 100% confident in it. To be safe, it is recommended to not even click on links from entities you do business with, especially ones that are popular like PayPal, unless you initiated an action and are expecting the message. Be safe.
That and the strange sentence structure. Putting aside proper grammar, it doesn't read correctly when read out loud.
Another thing that you can do in mail is to select View/Message/Show all headers to see the source IP address of the mail:
Received: from 127.0.0.1 (EHLO ebays.com) (106.78.222.58) by mta4247.mail.gq1.yahoo.com with SMTP; Wed, 22 Nov 2017 00:53:11 +0000
Made up example, but often you will see the originating server has nothing to to with Apple, eBay, or whatever. You have to be careful though since the source can almost match the correct source (ebays.com rather than eBay.com). I have seen this used in the past.
Received: from 127.0.0.1 (EHLO ebays.com) (106.78.222.58) by mta4247.mail.gq1.yahoo.com with SMTP; Wed, 22 Nov 2017 00:53:11 +0000
Made up example, but often you will see the originating server has nothing to to with Apple, eBay, or whatever. You have to be careful though since the source can almost match the correct source (ebays.com rather than eBay.com). I have seen this used in the past.
I see that simply as more confirmation. There are other mistakes that add to that.
The first dead giveaway was the domain: @Support.com. There's no possible way that Apple would be sending you a legitimate email with that domain.
It's almost a parody for "How to Fail at Phishing", although I have no doubt that some people did click the button.
Last edited:
