Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
64,344
32,162



As highlighted by The Next Web, security firm Trend Micro yesterday outlined a new phishing scam that has seen the perpetrators compromise over 100 sites in their attempts to gain access to users' Apple ID accounts. While Apple IDs are relatively popular targets for phishing scams, Trend Micro's analysis offers some interesting detail on the approaches used by the criminals.
We've identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned. [...]

We've seen attacks targeting not only American users, but also British and French users. Some versions of this attack ask not only for the user's Apple ID login credentials, but also their billing address and other personal and credit card information. It will eventually result in a page that states that access has been restored, but of course the information has been stolen.
Trend Micro's sample of a spam message designed to trick recipients into sharing their account information at the compromised sites shows a very poor attempt at copying Apple's email style, but inexperienced Internet users are undoubtedly still falling for the scheme.

apple_id_phish.jpg
Trend Micro offers a number of suggestions to help users protect themselves from phishing scams, including checking for consistent domains throughout email addresses and links included in an email and checking for indicators that the user is at a secure site associated with the correct company.

While phishing scams rely on the gullibility of users to direct them to fake account management sites, Apple has sought to increase account security on its own site with its recent introduction of two-step verification to help minimize the possibility of an unauthorized party gaining access to a user's account. That feature is, however, only available in a handful of countries for the time being.

Article Link: New Apple ID Phishing Effort Compromises Over 100 Sites
 

Kaibelf

Suspended
Apr 29, 2009
2,445
7,444
Silicon Valley, CA
Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt. By the way "inexperienced internet users" is irrelevant. The broken English and crazy wording should have been enough of a tip to ANY sensible person.
 

macnerd93

macrumors 6502a
Nov 28, 2009
712
190
United Kingdom
that has to be the most unApple looking email ever. What was it made in MS paint? It would have looked legit in about 1997 LOL. Apart from the bad wording LOL
 

Frign

macrumors regular
Aug 19, 2011
116
408
Oh for Pete's sake! LOOK at the email. Putting a stupid Apple logo on the top doesn't mean people should suddenly lose the ability to see this obvious phishing attempt.

It is bloody hilarious that the Apple-Logo not even has the right aspect ratio, let alone proper use of upper- and lowercase.

For reference: :apple:

Who falls for this?
 

andalusia

macrumors 68030
Apr 10, 2009
2,945
8
Manchester, UK
I've received this before. I cannot believe anybody could fall for it. It's such a pathetic attempt to look official... well I guess they all are. People are numpties.
 

jafingi

macrumors 65816
Apr 3, 2009
1,470
158
Denmark
Yeah that looks legit!

Hahahahaha, it's so hilarious with that Apple logo aspect ratio :D

The guys who send these should have used 10 minutes to just create a legit e-mail.
 

Laird Knox

macrumors 68000
Jun 18, 2010
1,956
1,343
That email true is. They fix helped me my Loging correctly. You should send infos by next 48 hours!
 

dXTC

macrumors 68020
Oct 30, 2006
2,033
50
Up, up in my studio, studio
"...otherwise your session using Apple id and password."

Otherwise your session using Apple id and password what? Wow, you'd think the criminals trying to phish here would use at least somewhat complete sentences.

On the other hand, anyone saying that this is oh-so-easy to spot might just be overestimating the IQ of some e-mail users. There are people who still fall for the Nigerian scams.
 

dejo

Moderator emeritus
Sep 2, 2004
15,982
452
The Centennial State
We've identified a total of 110 compromised sites, all of hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned. [...]

I don't understand what this means. :confused:

Anyone care to enlighten me?
 

ravenstar

macrumors 6502
Jan 12, 2005
266
505
You know, lately I've seen so many poorly worded spams, that I wonder if it's not intentional? Are the spammers trying to get people to feel so gullible for falling for such obviously bogus messages that they won't dare complain about being swindled? Can you imagine going to the authorities and saying you received this message so you entered all your personal information and it was stolen?
 

KPJLK

macrumors member
Feb 21, 2008
55
0
You know, lately I've seen so many poorly worded spams, that I wonder if it's not intentional? Are the spammers trying to get people to feel so gullible for falling for such obviously bogus messages that they won't dare complain about being swindled? Can you imagine going to the authorities and saying you received this message so you entered all your personal information and it was stolen?

There is a theory that the presentation is deliberately bad so that only the stupidest people will respond, resulting in fewer pull-outs and thus a higher success ratio from the responses. Spammers/scammers don't like their time being wasted :rolleyes:
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.