Thanks Ed, it's easy to fall victim John
On Oct 23, 2012, at 6:44 PM, Ed Wiser wrote: > The Unofficial Apple Weblog (TUAW) > Phishing email wants you to renew iCloud. Please don't! > > > On occasion, I see phishing spam in my inbox, just like we all do. These > emails usually look fairly realistic, and always have a link to click for me > to renew an account or pay a balance -- but since I'm a moderately savvy > fellow, I generally avoid falling for them, and you should too. > > Well, this morning an email allegedly from Apple told me I need to renew my > iCloud account. After making a few screenshots, I deleted the email. Why? > It's a phishing attempt, and not even a good one. Here's how to tell it's > fake. > > At the top of the email, the sender's address is completely wrong. A real > Apple email would come from the apple.com domain, not "rep.store.com". > Likewise, the App Store has nothing to do with iCloud accounts. > > Next, the subject line is "!Cloud" (exclamation point-Cloud), not "iCloud." > It's doubtful that Apple would let a mass email go without a quick > proofreading pass. And let's not forget the logo. Really? Have you ever seen > the word "iCloud" oriented vertically on an Apple site or communication? > > The paragraph explaining the "subscription was set to renew" is so full of > fail it's laughable. First, it should be iCloud "subscriber," not "member." > Next, why put PDT behind the date, when no time is listed? Third, have you > ever seen an email from Apple that is written in sentence fragments? "Attempt > to do so has failed." "Please take a minute." > > The biggest tell in the message, however, is the instruction to "log in to > MobileMe." MobileMe no longer exists; it was replaced by iCloud. The biggest > way to tell that this is a lame attempt at phishing, though, is that link. > Legitimate emails sometimes include a link to a login page, but for more > sensitive ones (financial, security and such) the best practice is to ask > users to self-navigate to a specific site. > > This link doesn't pass the sniff test. If you hover your mouse pointer over > the "LOGIN HERE TO UPDATE" link, you'll see from the tool tip that appears > that the link directs you to a completely different site than iCloud.com: > > > > Yep, you're going to be directed to stor-pple.com, a page that has nothing to > do with Apple. This is an extremely poor phishing attempt, since it's not > even trying to steal your login. Instead, it's flogging gift and flower sites. > > The correct link for Apple ID and iCloud security transactions, in case you > were wondering, is https://appleid.apple.com -- note the HTTPS protocol, > which will help ensure a secure connection between your computer and Apple's > webserver. (I'm not making that a "real" link for the reason noted above; if > you ever need to reset your Apple ID, be sure to type the URL in yourself, in > a browser you trust, on a computer you control. Maybe even disable Java and > Flash, just for extra protection.) > > Other favorite phishing emails come from miscreants pretending to be banks, > credit unions, insurance companies and PayPal. Probably your best defense is > to never click on a link in a suspicious email, or use the "hover over link" > test to see where the link is really going. In this case, the attempt was > transparently fake, but be sure to be cautious in all of your online > activities. If you're checking email from your mobile device where it may be > more difficult to assess the provenance of a link, wait until you get back to > your computer if you have any doubt -- or just go straight to the relevant > site yourself, and be safer. > > Phishing email wants you to renew iCloud. Please don't! originally appeared > on TUAW - The Unofficial Apple Weblog on Tue, 23 Oct 2012 10:35:00 EST. > Please see our terms for use of feeds. > > Source | Permalink | Email this | Comments > > > http://www.tuaw.com/2012/10/23/phishing-email-wants-you-to-renew-icloud-please-dont/ > Sent with Reeder > > > > Sent from my iPhone > > _______________________________________________ > MacGroup mailing list > [email protected] > http://www.math.louisville.edu/mailman/listinfo/macgroup
_______________________________________________ MacGroup mailing list [email protected] http://www.math.louisville.edu/mailman/listinfo/macgroup
