Luminous Landscape Forum
Equipment & Techniques => Computers & Peripherals => Topic started by: Ellis Vener on September 04, 2014, 08:23:20 pm
-
Hi,
I just received an email that seemed to come from Apple, saying someone had just accessed my iCloud account from my iPhone and advising me to change my password if I hadn't done it.
This is what the email looked like. ( for the attached JPEG I first did a screen shot of the email, and then blacked out my name and Apple ID info using Photoshop CC2014 and turned the .png into a JPEG)
That's funny I thought, so I clicked on the link and started to enter my password so I could change it.
BUT Before I did enter it I had second thoughts and checked to see the address the email came from.
It came from "noreply@insideicloud.cloud.com"
I then checked with Apple support ( 1-800-MYA-PPLE) and they immediately confirmed that the email did not come fro mApple and was a phishing attempt.
-
Ah, Ellis, you naughty boy! Keeping your nude picture in the cloud? ;)
-
That's just too funny!
I received the same email a few days ago. Didn't think twice about deleting it. I'm glad you posted though, maybe someone will be saved from a lot of grief.
-
I get phishing emails all the time at work -- most of them are incredibly crude, and simply rolling over the link and reading the URL shows just how crude. But I send them on to our IT team anyway, so they can send them out to my coworkers, because someone here will click the link and enter all their personal information without a second thought.
I am constantly amazed :)
-
You can also tell easily enough (most times) by looking at the return address. It is highly unlikely (though maybe not impossible) that it would come from an 'apple.com' domain which is the case with the email you posted.
-
I think we've all received emails that have caused us to pause for a moment. At this point, if I get emails like this, I NEVER click anything, but go directly to my account to check things. Good thing you paused!
Nemo
-
I think we've all received emails that have caused us to pause for a moment. At this point, if I get emails like this, I NEVER click anything, but go directly to my account to check things. Good thing you paused!
Nemo
That is exactly the right approach. Even if the message looks genuine, don't click!
-
I had half a dozen of these in one morning last week. Whenever I receive anything purporting to be from Apple, or my ISP, or my bank, or any of the other organisations which have access to financial information, I always check the actual email address and that's nearly always enough to persuade me to hit the delete key. I suppose there are lots of gullible people around.
Jeremy
-
…
I suppose there are lots of gullible people around.
Jeremy
FWIW,
Two of my customers got bitten lately. I thought both were "resistant" to such tactics but a click is so quick and easy. One of them told me that as soon as he clicked on the OK button after entering his credentials he knew that he did something very wrong!
-
I don't know about other accounts but my banks, credit card issuers and so on all have clearly said "We never send that sort of notice" via email. Apple is now sending emails confirming you went onto the service but if true, no reply is necessary and if not true they say go to the Apple site.
Dave S
-
My clients get bitten by these things ALL the time. It's difficult if you are working on a mobile device, but if you are using a desktop/laptop and a good email program all you have to do is hover over a link to see where it's actually going. Never click on them without checking. Often you are just confirming that yes, they got a real active email address by doing so - and signing yourself up for more of the same. Same thing with most 'unsubscribe' links.
-
My clients get bitten by these things ALL the time. It's difficult if you are working on a mobile device, but if you are using a desktop/laptop and a good email program all you have to do is hover over a link to see where it's actually going. Never click on them without checking. Often you are just confirming that yes, they got a real active email address by doing so - and signing yourself up for more of the same. Same thing with most 'unsubscribe' links.
In the email app on Android if you long press a link in an email a menu pops up with some options and also the actual address the link is pointing at so it is possible to check a link without following it on Android. I don't know if similar functionality is there on Apple or Windows devices.
-
In the email app on Android if you long press a link in an email a menu pops up with some options and also the actual address the link is pointing at ...
Ditto in the iOS 7 Mail app: pressing on a link in Mail shows the URL plus options to Open, Copy, etc.
And since even the browser interface to Microsoft Outlook mail shows links on hover, I am fairly sure that actual Outlook does too.
With my employer's email, all links have been rewritten to pass them through https://urldefence.proofpoint.com
Does anyone know how reliable that mechanism is?
Anyway, I prefer the advice that "if an email is asking for info. like a password, go to the site of the alleged sender by typing the address you already know for it into a browser or using a previous bookmark, not via a link in email".
-
You really need to be vigilant, and trust very few, is my experience. Just a few days afetr signing up with PayPal, I received a number of e-mails asking me to confirm my account by clicking the link provided. I didn't. A buddy mentioned a similar experience and explained, PayPal has an e-mail address to which one can forward such messages. I forwarded and then received a thank you from Paypal and the confirmation, they hadn't issued the request (and never will). But for a number of months, similar requests kept pouring in. Then they stopped. I can't understand how someone (outside of PayPal) knew, I had signed up!
Some years ago I was selling two Zeiss lenses on ebay. I received a message from a member, through ebay channels who asked, "did I know what was being written about me in the ebay forum and if it were true?" I had read this message while signed into ebay. At the bottom of the page was a link to the forum. After clicking, they asked for my password again. Though I thought it odd, I wanted to get to the bottom of things, so I signed in again. The link took me nowhere and I spent a while searching for a possibility to enter the forum and find any thread concerning me.
A few days later a fellow interested in my lens asked me, how many lenses I was selling and why I had the same item(s) for sale in different auctions. What sort of scam was I running?! As I was wondering what had happened, ebay froze my account and asked me what had happened. I explained, they informed the buyers of the fictive lenses, I created a new password, my two original auctions continued and the matter was over for me. I don't know how many folks purchased the alleged lenses or how many paid. But it was a lesson I won't forget.
I'm far more careful today.
-
http://appleinsider.com/articles/14/10/21/hackers-targeting-apple-icloud-users-in-mainland-china-with-massive-attack
As the world turns...