Page 1 of 2 12 LastLast
Results 1 to 15 of 27
  1. #1


    Member Since
    Oct 13, 2009
    Posts
    357
    Specs:
    25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
    URGENT:Malware purporting to be from Apple
    This arrived in my inbox this morning and thank God I thought it looked suspicious. I checked the order #(redacted) and it did not exist. I then called Apple and he said that I was the 11th caller in the last 90 minutes who had received this e-mail. I did not click the link, but I'm betting that it was to "confirm" credit card information so that scammers could steal it. Apple is aware that this is happening and is working on it.

    Just wanted to warn others.


    From: Apple Store <order_acknowledgment@orders.apple.com>
    Subject: Thank you for your order
    Date: March 12, 2012
    To:

    Dear Customer,

    Thank you for shopping at Apple Store.

    We would like to notify you that your Order Number: WXXXXXXX has been successfully charged to your credit card for 3,456.03 USD.

    Please CLICK HERE to see your ORDER.

    Your Apple Store Customer Service Team
     24" iMac, 3.06GHz C2D, 4GB RAM, 1TB HDD, 10.6.8
     2011 Mac mini, 2.7Ghz i7, 8GB RAM, 750 GB HDD, 10.7.3
     iPad3 64GB, iPad2 32 GB
     iPhone 4, 32GB  Airport Extreme 5

  2. #2

    dtravis7's Avatar
    Member Since
    Jan 04, 2005
    Location
    Modesto, Ca.
    Posts
    28,981
    Specs:
    iMac 2010 27" QuadI7 OSX10.11, iMac 2008 OSX10.11, MBP Late2011OSX10.11 , iPad Air, iPhone 3GS
    Thanks for the heads up! It might save someone some grief!

  3. #3


    Member Since
    Apr 20, 2010
    Posts
    472
    Specs:
    21.5 iMac 3.06 ghz 12gb ram 500g HD iPad 2 16G
    Got the exact same one at 10:39am...I knew it was bogus...and I did click on it....Got error 404 page not found....Called Apple for the **** of it...They corroborated the bogus e-mail...

  4. #4

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Did the email actually originate from the apple.com domain? The email you provided in your first post seems to suggest that it did. If not, what domain did it come from? It wouldn't hurt to pass that information along so we can all know what to look for.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  5. #5


    Member Since
    Sep 30, 2008
    Posts
    35
    I got the a similar this morning for an order from AT&T... I don't have AT&T

    Thank you for your recent purchase of AT&T Voice/Data Equipment on transaction (91/order number ******/******).
    Could you please take five minutes to let us know how we did? To access the survey, click on the link below or cut and paste the entire link into your browser's address line.

    ONCE YOU HAVE SUBMITTED YOUR COMPLETED SURVEY, YOU WILL AUTOMATICALLY BE ENTERED IN A DRAWING TO WIN AN IPAD 2*!

  6. #6

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    I removed the link from your post - if this is indeed a spam related problem, we don't need to help them out by giving out the links.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  7. #7


    Member Since
    Oct 13, 2009
    Posts
    357
    Specs:
    25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
    Quote Originally Posted by vansmith View Post
    I removed the link from your post - if this is indeed a spam related problem, we don't need to help them out by giving out the links.
    I didn't think I included the link in the first post, just the word "LINK". It didn't show up on my browser. My apologies if it was included

    Quote Originally Posted by vansmith View Post
    Did the email actually originate from the apple.com domain? The email you provided in your first post seems to suggest that it did. If not, what domain did it come from? It wouldn't hurt to pass that information along so we can all know what to look for.
    The "From" information was taken directly from the actual e-mail. That's the only address I have. Is there another way to trace the domain?
     24" iMac, 3.06GHz C2D, 4GB RAM, 1TB HDD, 10.6.8
     2011 Mac mini, 2.7Ghz i7, 8GB RAM, 750 GB HDD, 10.7.3
     iPad3 64GB, iPad2 32 GB
     iPhone 4, 32GB  Airport Extreme 5

  8. #8

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by class77 View Post
    I didn't think I included the link in the first post, just the word "LINK"
    I didn't touch your post - that comment was for the post above mine.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  9. #9


    Member Since
    Oct 13, 2009
    Posts
    357
    Specs:
    25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
    Quote Originally Posted by vansmith View Post
    I didn't touch your post - that comment was for the post above mine.
    Thanks for the clarification
     24" iMac, 3.06GHz C2D, 4GB RAM, 1TB HDD, 10.6.8
     2011 Mac mini, 2.7Ghz i7, 8GB RAM, 750 GB HDD, 10.7.3
     iPad3 64GB, iPad2 32 GB
     iPhone 4, 32GB  Airport Extreme 5

  10. #10

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by class77 View Post
    The "From" information was taken directly from the actual e-mail. That's the only address I have. Is there another way to trace the domain?
    It depends on the mail client you're using. Some allow you to see more information about the sender which would give you a better sense of where it was coming from.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  11. #11


    Member Since
    Oct 13, 2009
    Posts
    357
    Specs:
    25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
    Quote Originally Posted by vansmith View Post
    It depends on the mail client you're using. Some allow you to see more information about the sender which would give you a better sense of where it was coming from.
    Just using the Apple Mail software. Is there anything I can do to find further info?
     24" iMac, 3.06GHz C2D, 4GB RAM, 1TB HDD, 10.6.8
     2011 Mac mini, 2.7Ghz i7, 8GB RAM, 750 GB HDD, 10.7.3
     iPad3 64GB, iPad2 32 GB
     iPhone 4, 32GB  Airport Extreme 5

  12. #12


    Member Since
    Apr 20, 2010
    Posts
    472
    Specs:
    21.5 iMac 3.06 ghz 12gb ram 500g HD iPad 2 16G
    This was mine verbatim ... Excluding the live link of Click Here


    From: *order_acknowledgment@orders.apple.com

    Dear Customer,

    Thank you for shopping at Apple Store.

    We would like to notify you that your Order Number: W253465457 has been successfully charged to your credit card for 4,958.01 USD.

    Please*"click here"*to see your INVOICE.

    Your Apple Store Customer Service Team

  13. #13

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Select the message > View > Message > All Headers. That will give you more information and for this thread, we're interested in the "Received" fields which will tell us where the email started, where it went and where it ended up (which would be with you). It's arranged chronologically with the origin at the bottom of the list. Where does it say it originated?
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  14. #14


    Member Since
    Oct 13, 2009
    Posts
    357
    Specs:
    25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
    Quote Originally Posted by vansmith View Post
    Select the message > View > Message > All Headers. That will give you more information and for this thread, we're interested in the "Received" fields which will tell us where the email started, where it went and where it ended up (which would be with you). It's arranged chronologically with the origin at the bottom of the list. Where does it say it originated?


    From: Apple Store <order_acknowledgment@orders.apple.com>
    Subject: Thank you for your order
    Date: March 12, 2012 9:29:07 AM CDT
    To: XXXXXXXXXXX
    Return-Path: Same as "From"-deleted because of e-mail link
    Received: I deleted this. Was not certain that it might not have the addresses of those it was sent to and wanted to ensure their privacy
    X-Caa-Spam: 00000
    X-Authority-Analysis: v=2.0 cv=QarRSLnv c=1 sm=1 a=siV9WVqFgvTboKNz5ODPgA==:17 a=N659UExz7-8A:10 a=bfbTxPC6ShgA:10 a=qWt39RqDAAAA:8 a=W86bdoAwunfnoZHJ-F0A:9 a=lk9ESJYJ29nlyUfdSzwA:7 a=pILNOxqGKmIA:10 a=_W_S_7VecoQA:10 a=GN58vHO7ZDYA:10 a=p563do5EzwUA:10 a=nQVTnSuBv8iCc6TP:21 a=_r_tmMOTfCLEBC0N:21 a=siV9WVqFgvTboKNz5ODPgA==:117
    X-Mailer: The Bat! (v2.00.8) Personal
    X-Priority: 3 (Normal)
    Message-Id: <02ff77$jog44r@badger-txnvip.apple.com>
    Mime-Version: 1.0
    Content-Type: text/html; charset=Windows-1252
    Content-Transfer-Encoding: 7bit
     24" iMac, 3.06GHz C2D, 4GB RAM, 1TB HDD, 10.6.8
     2011 Mac mini, 2.7Ghz i7, 8GB RAM, 750 GB HDD, 10.7.3
     iPad3 64GB, iPad2 32 GB
     iPhone 4, 32GB  Airport Extreme 5

  15. #15

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by class77 View Post
    Received: I deleted this. Was not certain that it might not have the addresses of those it was sent to and wanted to ensure their privacy
    That's the part I need. We only need the first one however (bottom one).

    This looks legit - it does appear to be coming from an Apple domain. It would appear therefore that something weird is going on at Apple.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. How do i get rid off malware in IOS8 i.e WireLurker malware
    By richardbenson22 in forum OS X - Operating System
    Replies: 3
    Last Post: 11-10-2014, 07:49 AM
  2. New Java malware attacks Apple's OS X along with Windows, Linux
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 7
    Last Post: 07-13-2012, 10:42 AM
  3. First iOS Malware Discovered in Apple App Store
    By odenkun in forum Apple Rumors and Reports
    Replies: 10
    Last Post: 07-06-2012, 10:27 AM
  4. Questions about Apple malware protection
    By class77 in forum Switcher Hangout
    Replies: 3
    Last Post: 09-28-2011, 04:54 AM
  5. URGENT: Help with purschasing @ Apple store
    By Frolex in forum Switcher Hangout
    Replies: 10
    Last Post: 03-09-2011, 12:07 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •