An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
dubious message
#36247 10/04/15 06:25 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
OS 10.6.8. Does anyone know what this means. jaybass

From: Apple <noreply@appleid.ssl.com>
Subject: Your Apple ID has been suspended [#478573]
Date: October 4, 2015 2:58:16 PM EDT


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
jaybass #36248 10/04/15 06:46 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Apple Knowledge Base 204106 addresses this.

There have been similar phishing scams but this does not appear to have any of the characteristics of a common phishing exploit.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: dubious message
joemikeb #36250 10/04/15 07:49 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
Here is the full email.


Dear Customer,
Our automated system was recently unable to validate your details and therefor we require you to complete a short validation process. Please proceed to the link below in order to avoid any interruption to your Apple services.
Click here to validate your account information >
This link will expire 48 hours after this email was sent and your Apple ID may be suspended.
Apple Support. When I clicked the account information, A window appeared warning me that it might be a phlishing site. Should I ignore the warning? jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
joemikeb #36251 10/04/15 08:19 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
I have just created a new password with Apple so I imagine that should solve the problem. jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
jaybass #36252 10/04/15 08:20 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: jaybass

Dear Customer,
Our automated system was recently unable to validate your details and therefor we require you to complete a short validation process. Please proceed to the link below in order to avoid any interruption to your Apple services.
Click here to validate your account information >
This link will expire 48 hours after this email was sent and your Apple ID may be suspended.
Apple Support.

When I clicked the account information, a window appeared warning me that it might be a phishing site. Should I ignore the warning?

Are you nuts ?! shocked

Contrary to joemikeb's comment, the e-message you received looks very much like a phishing attempt (none of the details in "If your Apple ID has been locked" [HT204106] apply to your message), right down to the misspelling of "therefore" as "therefor".

Unless you call Apple Support to verify whether the email is truly from Apple, you're likely to get blown out of the water.
Under no circumstances give out any personal and/or financial information requested by an email message ... no matter where it's apparently from (and that includes relatives).

Re: dubious message
grelber #36253 10/04/15 09:05 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
I had my doubts from the start. But when that warning appeared and I couldn't get off it, that is why I posted it. Thanks for your input. jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
jaybass #36255 10/04/15 09:39 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Quote:
...that warning appeared and I couldn't get off it....

Before I get incorrectly explicit, what, precisely, does that mean?


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: dubious message
grelber #36257 10/04/15 11:03 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: grelber
Are you nuts ?! shocked

Contrary to joemikeb's comment, the e-message you received looks very much like a phishing attempt (none of the details in "If your Apple ID has been locked" [HT204106] apply to your message), right down to the misspelling of "therefore" as "therefor".

Having now seen the FULL extent of the message I agree with Grelber.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: dubious message
jaybass #36266 10/05/15 12:37 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
THIS IS AN ONGOING SCAM

I have been unusually heavily targeted by this phishing attack that started about 3 months ago, not sure why. But at one point I was receiving as many as five variations on this every single day.

They were phishing for Apple ID, Applecare ID, and also really really wanted my GSX credentials. About 4 days after the attacks began, Apple added additional security to GSX. (which eventually was changed to two-factor authentication!) After the change to 2-factor, the gsx phishing mostly stopped. But the Apple ID attempts continue, and will likely not end anytime soon.

There are several easy rules that everyone in the world really needs to know about emails FROM vendors. The most important one of all:

If they don't address you by your name, THROW IT AWAY

That alone will identify over 99.9% of phishing emails.


additional safe practice:

1) it IS possible for an account to get locked due to excessive password attempts or other reasons, but you should NEVER CLICK A LINK in a "you need to reset your password" email. ALWAYS open up your web browser and enter the URL manually.

2) NEVER "verify your information". Vendors never need to verify anything important, especially passwords. (a vendor will never outright ASK you for your password other than at the login prompt, see #1) Anyone trying to get you to "verify" your information wants you to give it to them. I've played along with forms like this just to see how bold they would get, and every time I filled a page with bogus data they popped up a new page with even more egregious requests. We're talking social security numbers, credit cards (all of them), as the pages went on they clearly were going to see just how profoundly stupid I was going to be and just how much stuff I was willing to give them

3) Just because it LOOKS official, doesn't mean it IS official. Logos can be copied, pictures can be duplicated, it's very common for entire websites to be cloned completely. Don't trust it just because it looks right".


I work for the Department of Redundancy Department
Re: dubious message
jaybass #36269 10/05/15 02:15 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
In other words, it wouldn't allow me to exit the warning and the only way out was to close the page which of course returned me to the email. jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
Virtual1 #36270 10/05/15 02:19 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
Well put. I think I have digested all the signs. Thank you for that. jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: dubious message
jaybass #36271 10/05/15 02:34 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Originally Posted By: jaybass
In other words, it wouldn't allow me to exit the warning and the only way out was to close the page which of course returned me to the email. jaybass

NO legitimate site tries to hold onto you when you are trying to close a window. ANYTIME you see one of those "are you SURE you want to close this window?" javascript popups, force-quit your browser. They can make either button in the dialog box do anything they want. That's an enormous red flag. IMHO that java popup hook needs to be removed from the java spec.


I work for the Department of Redundancy Department
Re: dubious message
Virtual1 #36273 10/05/15 02:43 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
That's what I was thinking when I asked my question, but I'm now thinking that jaybass was talking about

Quote:
When I clicked the account information, A window appeared warning me that it might be a phlishing site.

which is a Safari, not malicious window.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: dubious message
jaybass #36474 10/17/15 05:26 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Right now, I'm averaging about 3-6 of these emails a day.

They're scams--fake signin pages placed on hacked Web sites to attempt to steal people's Apple logins.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.024s Queries: 42 (0.018s) Memory: 0.6404 MB (Peak: 0.7507 MB) Data Comp: Zlib Server Time: 2024-03-29 01:44:10 UTC
Valid HTML 5 and Valid CSS