E-mail Scams

[lclev]

I debated where to post this but decided that there may be some people who do not know about fake e-mails.



I blurred out my e-mail address, which is correct for my apple ID and at first glance looks legit. But, when I hover my mouse over the blue "Update my account" button it shows a myspace account address. I didn't even know myspace was still around - huh, go figure.

Also note what version of iOS they claim the device used to change my password was running. Is there anything around still capable of running that version, could it even be used on today's internet, and did they even call it iOS 1?

Sadly, some people will fall for it.

Lisa

 

[Slydude]

Good catch Lisa. I didn't notice the thing about OS version until you mentioned it. If there are still devices in service runnin g that OS I doubt they can go on the internet.

 

[Raz0rEdge]

ANY decent company is going to have people who write proper English and will not send you emails with such ridiculous mistakes. That, in itself, should be enough to discard the email as a phishing attempt/scam email.

 

[IWT]

Thank you Lisa.

These scams are numerous.

Over and above the aforementioned tips:

hover over the sender's name. It will be something like [email protected]. I've made that up but this is the sort of thing you should check.

And when Apple does contact you, it addresses you as Dear "the name you have authorised us to use"; not dear customer/client etc.

And, as stated, their grammar and spelling are spot on. For example, as I live in the UK, the spelling is always "British English". Apple are fussy that way.

Ian

 

[ferrarr]

I came across this yesterday, but I forgot about it.

https://www.engadget.com/2018/07/30/phishing-scam-targets-iphone-users-fake-call-apple-care/

 

[toMACsh]

Bottom line: Never click on a link in an e-mail unless it comes from a trusted friend or family member and you know where it will take you.

 

[Cr00zng]

Bottom line: Never click on a link in an e-mail unless it comes from a trusted friend or family member and you know where it will take you.

I am certain that you know, but spoofing the from email address is easy. For this reason, my email client is configured to read the email in text format; doing so prevents malware running in the background just by reading email. In addition, the link is displayed in the email, but clinking on it does not open the link, prevented by a policy. I have to manually copy/paste the link in to a browser, if I'd want to visit the link. If I trust the sender/content of the email, I can switch to reading it in HTML format, but still need copy/paste the link. Overly cautious, yes, and I don't recommend for everyone...

A number of clients of mine had malware taking over their system, that arrived via email from their trusted business partners. The most preferred attachment format is PDF, but have seen Word docs as well. And most of these emails actually came from the trusted business partners, not spoofed senders, whose system had been hacked. So much for trusting...

It's a cesspool out there nowadays...

 

[Cr00zng]

Couple of weeks ego, I've received a ransom notice from a verified outlook.com email address. Basically, the email stated my last name, some unknown password, Bitcoin account # and my activity of watching adult videos. The ransom amount was US $1,200.

Knowing that watching adult, age 21 and over, entertainment is not against any laws and I probably did in some point in my Internet history, it did not make me nervous. My initial reaction was to request a link to the video for verification purposes, plus, I have have not watched any adult entertainment for a long time. Instead, I verified the sender's email address and reported to outlook.com. There has been no follow up from either the sender, or outlook.com as of yet...

I still have the ransom email and could post the content, if you're interested...

 

[toMACsh]

I am certain that you know, but spoofing the from email address is easy.

It's a cesspool out there nowadays...

Well, yes. I have gotten bizarre e-mails supposedly from someone in my Contacts. It's usually pretty obvious when it's not legit. They can spoof an address, but they cannot mimic the person's interests (what they might write about) and way of writing.

 

[lclev]

I get the occasional email from a person I know but it says something to the affect of "Hey I found this interesting video (or website, or article) and there will be a link. Since I know it is all a scam I delete them.

Lisa