Phishing email from 'Apple' - not

[Kryten]

I know you'll all be aware of this but I thought I'd post it anyway. It had my correct Apple ID. The billing address is not my address or anywhere near. I'm in the UK by the way.

 

[Raz0rEdge]

Well, for one, if you didn't order a Mac Mini recently, this is easy to spot.

But it's always best to check the From line as well since you'll see goofy things there. If somehow the idiots do put in a legitimate email address, checking the raw message source will tell you that the Apple mail severs weren't used to transmit the email.

 

[IWT]

@Kryten: I'm glad you posted this. Sure, most of us have obtained similar emails, but it never hurts to show people how easily they could get caught and what to check.

For example, as Moderator Ashwin said, click on the Sender's name and you will almost certainly see something like - xyzzy.apple.resource.net.com

Next: check how you they addressed you. Apple, in particular, but many others too, will have learnt how you wish to be addressed. Dear Mr Smith, Dear Mr M Smith, Dear Mike Smith, Dear Mike etc

Next: check the grammar and spelling. Often these are atrocious.

Never click on an included link that is supposed to take you to security, or Sales, or the Depot............

Don't worry in your case that they got your Apple ID Username. That's just your email address. Nothing difficult in finding what that is.

Some of the cleverest ones I've had, exactly mimicked the font and website layout of the real Sender - often a bank, building society, telephone provider (I used to get loads from BT = British Telecom for those outside the uk.).

Another great one is from a reputable delivery service UPS/DPD/Hermes etc - telling you that your parcel or delivery item could not be delivered and inviting you to click below to choose a more suitable date.

Ian

 

[Kryten]

Ash.

EDIT: Yes thanks Ian, I've had the Hermes and the DPD one too.

 

[chscag]

Also strange that the billing was noted in US $ rather than British £. Easy to spot.

 

[Slydude]

I've gotten similar emails supposedly from Apple. For me, the first clue was usually grammatical errors, as others have suggested. Later I noticed that the sender was not from an Apple server. In my case, IIRC, the letter threatened the shutdown of my Apple ID in a matter of days if I did not contact them immediately.

The fake email from FedEx might have worked if I hadn't realized that there was no reason for FedEx to contact me at the time. I hadn't ordered anything for several weeks and anyone sending me a package would have contacted me beforehand to let me know about a shipment.

 

[jpdemers]

The fake FedEx emails are devious - they snag victims who just happen to be expecting a FedEx package. I nearly fell for a similar scam, where the bogus sender just happened to catch me within an hour of my dealing with the real one. The tipoff is when they send you to a spoofed web site (designed to extract from you a password or other critical bit of info.) Fortunately, I'm in the habit of checking the url of any link sent to me.
Turned out that a colleague had had her email account hacked, and the crooks were monitoring it in real time, so they knew it was a good time to try their scam. Unfortunately, she was NOT in the habit of checking urls. (She is now!)