Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
I don't understand what this means. :confused:

Anyone care to enlighten me?

Those 110 sites were hacked and set up to mine Apple ID's from unsuspecting users and many haven't been cleared of the malicious code.
 
The grammar appears to be awful but the default alphabet in the screenshot is Cyrillic so it seems the text has been translated to English from Russian (and we all know how well those translation tools work).
 
Yea, I don't know what's worse... the half-**** effort with the retarded grammar, or the fool's email client receiving the spam.
 
I received a much more convincing email saying Apple were going to expire unused iCloud addresses and I needed to log in to confirm my account was active. The only errors I noticed were 2 uses of "Icloud" instead of "iCloud'.

Someone who doesn't know iCloud very well may have fallen for it (doesn't know about it in terms of capitalisation and functionality), which could be quite a few people considering all the new Apple users through iOS devices.
 
There is a theory that the presentation is deliberately bad so that only the stupidest people will respond, resulting in fewer pull-outs and thus a higher success ratio from the responses. Spammers/scammers don't like their time being wasted :rolleyes:

That's actually pretty interesting. Only the profoundly stupid will fall for this and even click in the first place, so the spammers know that they've got excellent victims. Somebody with two brain cells to rub together may actually back out or provide false information on purpose. Brilliant.
 
I feel personally insulted that spammers put so little work into trying to trick me.
 
The email starts with "dear Customer".

Such an email is guaranteed not to come from Apple. If it started with "Dear Customer, " there would be a tiny chance. If it started with "Dear <username>, " then chances would be even better, but still not certain.

Furthermore, your Apple ID is making Apple money. There is no bloody way that Apple would close down your account "within 48 hours". Either they have some reason to close your account (like using stolen credit cards), then they'll close it immediately without warning. Or they have no reason to close it, then they'll keep it up forever.


There is a theory that the presentation is deliberately bad so that only the stupidest people will respond, resulting in fewer pull-outs and thus a higher success ratio from the responses. Spammers/scammers don't like their time being wasted :rolleyes:

Hmmh. I think that applies to scams where you need to convince the victim to hand over money, so when the potential victim responds, you have to invest serious time to get the goods. If they try to get AppleIDs with passwords, fully automated, then there would be no additional work involved so I would try to make it convincing.

Well, the theory is good, so for 419 scams _I_ would apply it. But I wouldn't be surprised if there are many scammers who actually create sites that are as good as they can make them, which just isn't very good at all.
 
Last edited:
Tim Cook is a supply chain and operations guy, not an English professor. He probably needed to quickly get this e-mail out to let the users know.

I, for one, am glad that I got this and was quickly able to get my security credentials in order. We'll see how much you are all laughing when your Apple IDs get closed down.
 
Well, this is nothing new. I've been receiving similar emails for years, claiming to be from a Bank.
Whoever is dumb enough to fall for this, oh well.

Never click on a link to a login page, or at least look at the URL to see if it's legit!
 
The grammar appears to be awful but the default alphabet in the screenshot is Cyrillic so it seems the text has been translated to English from Russian (and we all know how well those translation tools work).

It's a good thing too. ;)
 
Well, this is nothing new. I've been receiving similar emails for years, claiming to be from a Bank.
Whoever is dumb enough to fall for this, oh well.

If you get the same email from several banks, and you are only customer of one, that's a giveaway. But I must complain that I haven't had any lottery wins for a while (I won several million Euros and a BMW so far without even buying a ticket). Probably because of these friendly guys from India who call me twice a week and offer removing viruses on my Windows PC. :D


that grammar is God-awful

On the positive side, we can complain about it without upsetting any moderators :)
 
If you thought that was a real email from Apple, find yourself a hole to live in and stay there.
 
I don't understand what this means. :confused:

Anyone care to enlighten me?

110 websites that are stored at a location who's public IP address is 70.86.13.17 (that's an internet address used to locate the web servers) are still hosting these malicious web pages. The IP address above is registered to an Internet Service Provider (ISP) in the Houston, TX area.

Short version: Web sites are still there, some place in Houston is hosting the web sites.
 
Security Professional here. It always blows my mind to see how people fall for these social engineering attacks. Especially with how broken the english is in this particular example.
 
I received that e-mail, typed in my Apple ID, and received a check for $3,500 from Microsoft! You should try it too, it really works!
 
Tim Cook is a supply chain and operations guy, not an English professor. He probably needed to quickly get this e-mail out to let the users know.

I, for one, am glad that I got this and was quickly able to get my security credentials in order. We'll see how much you are all laughing when your Apple IDs get closed down.

Best laugh all day! Thanks!!

Btw, I went to see if KrebsOnSecurity had anything on this but got a 502 bad gateway ... Looks like he is under another DDOS attack...
 
Those 110 sites were hacked and set up to mine Apple ID's from unsuspecting users and many haven't been cleared of the malicious code.

Thanks. Either the original Next Web article was updated or there was a copy-paste problem but I see Next Web's paragraph now says:
Trend Micro says it identified a total of 110 compromised sites, all hosted at just one IP address registered to an ISP in the Houston area. The majority of these sites have not been cleaned, and it’s likely the same technique could be used on other sites as well.

Which makes more sense to me now.
 
Thanks. Either the original Next Web article was updated or there was a copy-paste problem but I see Next Web's paragraph now says:


Which makes more sense to me now.

Yeah, I had to read the [Next Web] article twice to be sure I was correct before replying to you.
 
I'm so glad most scammers are illiterate. My parents are NON-tech-savvy and even THEY can spot these.

There are theories that it is intentional. As a scammer, you don't want slightly stupid people to reply, because slightly stupid people will get clever once you ask them to hand over their cash. You only want people to reply that are really absolutely limitless stupid.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.