An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Really Well Done Phishing Scam
#50242 10/17/18 12:43 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Offline
Moderator

Joined: Aug 2009
Likes: 16
You get a very official looking and well done email ostensibly from Apple that your Spotify (or Netflix or … whatever) trial subscription is over and the annual subscription will automatically be charged to your Apple account unless you unsubscribe within a day or two. Conveniently a link to your Apple Account manager is provided in the email, just enter your Apple ID and Password.

My wife was threatened with an $85 charge for Netflix and a friend with $150 for Spotify. Of course neither was valid. All the Phishing crew wants is your Apple ID and Password. Both have been reported to Apple, but in the meantime, ''BE CAREFUL OUT THERE"


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Really Well Done Phishing Scam
joemikeb #50247 10/17/18 04:09 PM
Joined: Aug 2009
Likes: 8
Offline

Joined: Aug 2009
Likes: 8
How did the e-mail address the recipient; e.g., "Dear …" ?

I have read that legitimate Apple e-mails always address you by your complete first and last name.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Really Well Done Phishing Scam
Ira L #50257 10/18/18 10:16 AM
Joined: Aug 2017
Offline

Joined: Aug 2017
Avoid phishing emails, fake 'virus' alerts, phony support calls, and other scams - Apple Support
Identify legitimate emails from the App Store or iTunes Store - Apple Support

Quote:
I have read that legitimate Apple e-mails always address you by your complete first and last name.

Not quite.
Invoices cite your billing details, including full name, but the message is not composed with a salutation like ‘Dear James’.
Marketing emails (“News”) are not personalized.
Subscription confirmation and alerts (your subscription is expiring) have a first-name-only salutation.
Apple ID usage alerts (login with ID on new device) have a first-name-only salutation.

With macOS Mail, you can hover over links to reveal their URL. That is often a good clue for phishing attempts, if the domain name isn’t as expected.

Re: Really Well Done Phishing Scam
joemikeb #50260 10/18/18 04:18 PM
Joined: Aug 2009
Likes: 8
Offline

Joined: Aug 2009
Likes: 8
So in light of the information in the link provided in the posting above, I am still curious as to the salutation, info, etc. that appeared in the phishing e-mail.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Really Well Done Phishing Scam
Ira L #50265 10/18/18 09:32 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Offline
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: Ira L
So in light of the information in the link provided in the posting above, I am still curious as to the salutation, info, etc. that appeared in the phishing e-mail.

My very phishing adverse wife deleted the message before I got to see it, but she says she thinks it addressed her first name but she is far from certain.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein

Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.021s Queries: 24 (0.017s) Memory: 0.5892 MB (Peak: 0.6560 MB) Data Comp: Zlib Server Time: 2024-03-28 10:16:50 UTC
Valid HTML 5 and Valid CSS