The spousal unit recently received two emails notifying her of her latest purchases (that she never made).
The first one was in perfect english and looked so real that it had me worried. Said she had purchased an ipod to be delivered to a different name in Brooklin.
We have no Cc on file, so basically that put my mind to rest. The mail looked so realistic that we double checked, by other means, on her apple id account. Nothing there.

The latest one was in spanish and announced the acquisition of smule app. A product we've never heard of until then.
There was some poor writting skills displayed both in spanish and english (disclaimers and such) so the bad intentions were obvious.

Bottom line, be cautios and DO NOT PANIC! Usually these mails do not pass a second inspection. By nature we read too fast and fill in the blanks, jumping to eager and often incorrect conclusions.

0-0

quote:

Originally posted by 0-0:
Bottom line, be cautios and DO NOT PANIC! Usually these mails do not pass a second inspection.

Using "tagged" (aka: "plussed") email addressing helps.

This is where you give your contact (vendor, what-have-you) an email address like "jdoe+foobarbaz@example.com," rather than just "jdoe@". Most modern mail servers will strip the "+" and everything following it up to the "@", then deliver to the remainder.

If your email client isn't brain-dead (such as the default iOS email client is) and allows you do see full headers, and if your email server isn't brain-dead (as Microsoft's tends to be) and supports the traditional headers, that tagged address will show up as "X-Original-to: jdoe+foobarbaz@example.com."

All you have to do is look at that. If it claims to have come from Foo Bar Baz Company, but it wasn't sent to your email address tagged for Foo Bar Baz Co., then you know it's a spoof.

If it was sent to your tagged address and it didn't come from them, then you know they either sold your email address of they've been compromised.

Please be careful. That purchase may have been on your cell phone carrier account (Verizon, AT&T, etc.) and be sure to check that account. But DON'T click on any links in any emails.

quote:

Originally posted by ensigmatic:

Using "tagged" (aka: "plussed") email addressing helps.

Thanks for this gem. I had considered opening different email accounts for various purposes but this is simpler and effective.

I got a bunch of those about three weeks ago and just forwarded them to Apple:

reportphishing@apple.com

Some of them almost looked legitimate. As a rule I never click a link in any e-mail.

quote:

Originally posted by Rey HRH:

quote:

Originally posted by ensigmatic:

Using "tagged" (aka: "plussed") email addressing helps.

Thanks for this gem. I had considered opening different email accounts for various purposes but this is simpler and effective.

You're welcome.

Be sure to test it with your email provider, by emailing yourself to a tagged address, first. (It works for gmail and Apple mail, if you're using one of those.)

Also be advised that some (too many) web developers think the "+" sign in an email address is invalid, so you cannot use it. (Yes: They're incompetent and should not be allowed to write software.) I just ran into this in a Jeep forum.

Set up to reply and you can see the whole email addy. That usually gives it away when its "AppleSUpport@BoboNigeria.com.

You shouldn't be surprised these email phishing scams are quite common.
Just because it happens to have something that you have in common like mentioning the Applestore only makes it more enticing.
That is what they want.
Do fall for it and don't be surprised.
This is nothing new.

I got one too! It looked very legitimate.