Users Report MobileMe Phishing Scam

[MacRumors]

Various users are reporting receiving phishing attempts regarding Apple's Mobile Me services.

Dear Apple Online Member,

Thank you for choosing Mobileme. Unfortunately there has been a
problem processing your billing information for the month of Sept, 2008.

Please review our billing requirements at KW: Billing.
To ensure that your service is not interrupted, please visit our secure server web form by clicking the hyperlink below.

[Link Redacted]

We appreciate your business and hope to keep you as a customer for life.

Click Here For Web Form Mobile Me is so easy, no wonder it's number 1 !

Sincerely,
The Apple Billing Services Team

As with typical phishing scams, the link in the email goes to a third party server which tries to collect information. Obviously, the email does NOT come from Apple and is not a legitimate request for information.

Legitimate corporations following best practices should never send sensitive links in emails when requiring users to update or correct information, per McAfee (pdf).

Article Link

 

[acfusion29]

That's not even worded professionally. You shouldn't have mobile me if you fall for that...

 

[kornyboy]

Wirelessly posted (iPhone: Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_0_2 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5C1 Safari/525.20)

It is really annoying that people do this kind of stuff. I really hope no one falls for it.

 

[kolax]

It tends to be really obvious with wording (grammar particularly) as well as layout that it isn't legit.

I'd be worried if there was someone that cloned the MobileMe style page with professional wording and a linky that didn't seem dodgy.

I suppose Apple could introduce a filter for anything that contains the word, "MobileMe" without spacing to be bounced, with the ability for the user to use this feature or not. There is no reason (aside from legit places like Amazon etc where you'd be buying it) for it to be in an email other than from Apple.

 

[iMACTASTIC]

I have always wondered why when these scam artists make so much money they haven't bothered to hire somebody who knows english to write these letters for them. Im for hire!

 

[puckhead193]

don't people realize that they don't get charged per month. Apple charges the whole year at one time to the credit card. So these scammers are donkeys, nice try

edit - i haven't gotten it so i guess my account is all good

 

[Peel]

I guess with all the bad news about MobileMe screw-ups in the last couple months, these phishers figured it was ripe for people to believe that Apple was having more problems, this time with billing.

 

[jjm3]

I got this fake email too... I gleefully forwarded it to abuse@mac.com and reportphishing@apple.com...

 

[joeshell383]

I have always wondered why when these scam artists make so much money they haven't bothered to hire somebody who knows english to write these letters for them. Im for hire!

No thanks. In your one sentence post you made a host of grammatical errors.

 

[exodus]

Click Here For Web Form Mobile Me is so easy, no wonder it's number 1 !

This line particularly screams scam
-Ex

 

[ebouwman]

This line particularly screams scam
-Ex

Ya that would about tip most people off. But then lots of people may just read part of the email and click the link, or decide it's bogus.

I know with most of my emails from websites, like from facebook, i just read the subject and click the first link, because all i need to know is in the subject line. But i would stop when it asked me to put my credit card number in

 

[Icestorm815]

With the "so easy it's number one!" line, wouldn't anyone consider that it's kinda weird that Apple would be using an AOL tagline?

 

[rstansby]

With the "so easy it's number one!" line, wouldn't anyone consider that it's kinda weird that Apple would be using an AOL tagline?

I didn't recognize that as an AOL slogan, but I was wondering how they thought it was rated number 1. Maybe this is a quick edit of a scam sent to AOL users.

 

[joeshell383]

I didn't recognize that as an AOL slogan, but I was wondering how they thought it was rated number 1. Maybe this is a quick edit of a scam sent to AOL users.

Yeah, I'd say so.

Keyword: Billing

 

[Mac-Addict]

Anyone who falls for "Click Here For Web Form Mobile Me is so easy, no wonder it's number 1 !" Is a retard.

 

[rdowns]

Sadly, these types of things do work or they wouldn't do them. Whether it's the Nigerian emails or phishing scams, people do click these links and provide information. I have never seen one that wasn't full of spelling and/or grammatical errors or a web page that didn't look phony.

EDIT: Look what I just got...

PayPal Department Notice

You have received this email because you or someone had used your account from different locations.
For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.
To help speed up this process, please access the following link so we can complete the verification of
your PayPal Account registration information :

<LINK REMOVED>

Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this PayPal account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.

We appreciate your support and understanding and thank you for your prompt attention to this matter.

Regards,

PayPal Department

Please do not reply to this email as this is only a notification. Mail sent to this address cannot be answered.
PayPal Departament

 

[Dmac77]

Sadly, these types of things do work or they wouldn't do them. Whether it's the Nigerian emails or phishing scams, people do click these links and provide information. I have never seen one that wasn't full of spelling and/or grammatical errors or a web page that didn't look phony.

EDIT: Look what I just got...

PayPal Department Notice

You have received this email because you or someone had used your account from different locations.
For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.
To help speed up this process, please access the following link so we can complete the verification of
your PayPal Account registration information :

<LINK REMOVED>

Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this PayPal account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.

We appreciate your support and understanding and thank you for your prompt attention to this matter.

Regards,

PayPal Department

Please do not reply to this email as this is only a notification. Mail sent to this address cannot be answered.
PayPal Departament

That one is actually semi-believable. Until they say

PayPal Department

for a second time.

Don

 

[kolax]

That one is actually semi-believable. Until they say for a second time.

Don

It is full of grammar errors:

PayPal Account Verification

You have received this email because you or someone else has used your account from different locations.
For security purposes, we are required to investigate this.

In order to safeguard your account, you are required to confirm your bank account details.
To help speed up this process, please access the following link so you can complete the verification process to prove that you are the legitimate account holder.

<LINK REMOVED>

Please Note:
If we do not receive the appropriate account verification within 48 hours, then it will be assumed this PayPal account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been subject to fraud and to help tackle cases of fraud in relation to PayPal.

We appreciate your support and understanding on this matter.

Regards,

PayPal


Seriously, I still find it amusing how pathetically and poorly attempted some of these emails are.

 

[rdowns]

That one is actually semi-believable. Until they say for a second time.

Don

Don't forget the third time they mentioned it and misspelled it.

 

[Eric S.]

I got one of the MobileMe bogus emails yesterday. It was obvious but still disturbing because I haven't used my .mac email account for anything yet except to get receipts from the Apple store (and of course the MobileMe extension notices), and yet still someone got ahold of it. So apparently someone has been able to acquire MobileMe email addresses, unless it was just a lucky randomly generated user ID.

Edit: Actually I have to take that back. I remember now that just the day before (Saturday) I had used the .mac address when replying to the author of an online MacWorld.com article - since the article was about MobileMe I thought it made more sense to identify myself as a MobileMe user. Hmm.

 

[twoodcc]

wow, this is terrible. glad i'm not a victim of this

 

[bobertoq]

Wirelessly posted (iPhone: Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_0_2 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5C1 Safari/525.20)

It is really annoying that people do this kind of stuff. I really hope no one falls for it.

I don't think anyone would. I saw the URL for it. The url was something like

superduperawesomebanks.com/apple.com/etc.

it's an exaggerated example, but you get the point. A decent attempt would have a URL like:

apple.billing.com

 

[bobertoq]

Sadly, these types of things do work or they wouldn't do them. Whether it's the Nigerian emails or phishing scams, people do click these links and provide information. I have never seen one that wasn't full of spelling and/or grammatical errors or a web page that didn't look phony.

EDIT: Look what I just got...

PayPal Department Notice

You have received this email because you or someone had used your account from different locations.
For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.
To help speed up this process, please access the following link so we can complete the verification of
your PayPal Account registration information :

<LINK REMOVED>

Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this PayPal account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.

We appreciate your support and understanding and thank you for your prompt attention to this matter.

Regards,

PayPal Department

Please do not reply to this email as this is only a notification. Mail sent to this address cannot be answered.
PayPal Departament

Haha they said PayPal "Department" two times. Department.

 

[ucfgrad93]

don't people realize that they don't get charged per month. Apple charges the whole year at one time to the credit card. So these scammers are donkeys, nice try

edit - i haven't gotten it so i guess my account is all good

That is what caught my eye as well. And like you I haven't gotten this yet either.

 

[macaron1]

Sadly, a small yet significant percentage of targets must be falling for the scam, despite grammatical and other flaws. Otherwise, these badly worded and designed phishing schemes would not persist over the years.