An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#36247 - 10/04/15 11:25 AM dubious message
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
OS 10.6.8. Does anyone know what this means. jaybass

From: Apple <noreply@appleid.ssl.com>
Subject: Your Apple ID has been suspended [#478573]
Date: October 4, 2015 2:58:16 PM EDT

Top
#36248 - 10/04/15 11:46 AM Re: dubious message [Re: jaybass]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Apple Knowledge Base 204106 addresses this.

There have been similar phishing scams but this does not appear to have any of the characteristics of a common phishing exploit.
_________________________
joemikeb • moderator

Top
#36250 - 10/04/15 12:49 PM Re: dubious message [Re: joemikeb]
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
Here is the full email.


Dear Customer,
Our automated system was recently unable to validate your details and therefor we require you to complete a short validation process. Please proceed to the link below in order to avoid any interruption to your Apple services.
Click here to validate your account information >
This link will expire 48 hours after this email was sent and your Apple ID may be suspended.
Apple Support. When I clicked the account information, A window appeared warning me that it might be a phlishing site. Should I ignore the warning? jaybass

Top
#36251 - 10/04/15 01:19 PM Re: dubious message [Re: joemikeb]
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
I have just created a new password with Apple so I imagine that should solve the problem. jaybass

Top
#36252 - 10/04/15 01:20 PM Re: dubious message [Re: jaybass]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
Originally Posted By: jaybass

Dear Customer,
Our automated system was recently unable to validate your details and therefor we require you to complete a short validation process. Please proceed to the link below in order to avoid any interruption to your Apple services.
Click here to validate your account information >
This link will expire 48 hours after this email was sent and your Apple ID may be suspended.
Apple Support.

When I clicked the account information, a window appeared warning me that it might be a phishing site. Should I ignore the warning?

Are you nuts ?! shocked

Contrary to joemikeb's comment, the e-message you received looks very much like a phishing attempt (none of the details in "If your Apple ID has been locked" [HT204106] apply to your message), right down to the misspelling of "therefore" as "therefor".

Unless you call Apple Support to verify whether the email is truly from Apple, you're likely to get blown out of the water.
Under no circumstances give out any personal and/or financial information requested by an email message ... no matter where it's apparently from (and that includes relatives).

Top
#36253 - 10/04/15 02:05 PM Re: dubious message [Re: grelber]
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
I had my doubts from the start. But when that warning appeared and I couldn't get off it, that is why I posted it. Thanks for your input. jaybass

Top
#36255 - 10/04/15 02:39 PM Re: dubious message [Re: jaybass]
artie505 Online


Registered: 08/04/09
Quote:
...that warning appeared and I couldn't get off it....

Before I get incorrectly explicit, what, precisely, does that mean?
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#36257 - 10/04/15 04:03 PM Re: dubious message [Re: grelber]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: grelber
Are you nuts ?! shocked

Contrary to joemikeb's comment, the e-message you received looks very much like a phishing attempt (none of the details in "If your Apple ID has been locked" [HT204106] apply to your message), right down to the misspelling of "therefore" as "therefor".

Having now seen the FULL extent of the message I agree with Grelber.
_________________________
joemikeb • moderator

Top
#36266 - 10/05/15 05:37 AM Re: dubious message [Re: jaybass]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
THIS IS AN ONGOING SCAM

I have been unusually heavily targeted by this phishing attack that started about 3 months ago, not sure why. But at one point I was receiving as many as five variations on this every single day.

They were phishing for Apple ID, Applecare ID, and also really really wanted my GSX credentials. About 4 days after the attacks began, Apple added additional security to GSX. (which eventually was changed to two-factor authentication!) After the change to 2-factor, the gsx phishing mostly stopped. But the Apple ID attempts continue, and will likely not end anytime soon.

There are several easy rules that everyone in the world really needs to know about emails FROM vendors. The most important one of all:

If they don't address you by your name, THROW IT AWAY

That alone will identify over 99.9% of phishing emails.


additional safe practice:

1) it IS possible for an account to get locked due to excessive password attempts or other reasons, but you should NEVER CLICK A LINK in a "you need to reset your password" email. ALWAYS open up your web browser and enter the URL manually.

2) NEVER "verify your information". Vendors never need to verify anything important, especially passwords. (a vendor will never outright ASK you for your password other than at the login prompt, see #1) Anyone trying to get you to "verify" your information wants you to give it to them. I've played along with forms like this just to see how bold they would get, and every time I filled a page with bogus data they popped up a new page with even more egregious requests. We're talking social security numbers, credit cards (all of them), as the pages went on they clearly were going to see just how profoundly stupid I was going to be and just how much stuff I was willing to give them

3) Just because it LOOKS official, doesn't mean it IS official. Logos can be copied, pictures can be duplicated, it's very common for entire websites to be cloned completely. Don't trust it just because it looks right".
_________________________
I work for the Department of Redundancy Department

Top
#36269 - 10/05/15 07:15 AM Re: dubious message [Re: jaybass]
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
In other words, it wouldn't allow me to exit the warning and the only way out was to close the page which of course returned me to the email. jaybass

Top
#36270 - 10/05/15 07:19 AM Re: dubious message [Re: Virtual1]
jaybass Offline


Registered: 08/04/09
Loc: toronto Canada
Well put. I think I have digested all the signs. Thank you for that. jaybass

Top
#36271 - 10/05/15 07:34 AM Re: dubious message [Re: jaybass]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
Originally Posted By: jaybass
In other words, it wouldn't allow me to exit the warning and the only way out was to close the page which of course returned me to the email. jaybass

NO legitimate site tries to hold onto you when you are trying to close a window. ANYTIME you see one of those "are you SURE you want to close this window?" javascript popups, force-quit your browser. They can make either button in the dialog box do anything they want. That's an enormous red flag. IMHO that java popup hook needs to be removed from the java spec.
_________________________
I work for the Department of Redundancy Department

Top
#36273 - 10/05/15 07:43 AM Re: dubious message [Re: Virtual1]
artie505 Online


Registered: 08/04/09
That's what I was thinking when I asked my question, but I'm now thinking that jaybass was talking about

Quote:
When I clicked the account information, A window appeared warning me that it might be a phlishing site.

which is a Safari, not malicious window.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#36474 - 10/17/15 10:26 AM Re: dubious message [Re: jaybass]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Right now, I'm averaging about 3-6 of these emails a day.

They're scams--fake signin pages placed on hacked Web sites to attempt to steal people's Apple logins.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top

Moderator:  alternaut, dianne, MacManiac