New phishing email pretends to be from Apple's online store
We've received several reports today of an email making the rounds that's very likely a phishing scam. The message content is cleverly designed to look like it's coming from the Apple Store, and clicking on any of the links will take you to a website that's even superficially similar to Apple's online store.
If you get this email, don't buy anything from its associated website, as there are a few dead giveaways to the inauthenticity of the message. First, the message sender will come up as a random string of characters followed by @live.com. All messages from the Apple Store should have apple.com at the end, and nothing else. The URL that you're directed to if you click anything in the message will eventually resolve to appledownload.com instead of the proper URL, store.apple.com, and you'll find a website that looks sort of like Apple's storefront but is focused seemingly exclusively on software sales.
The "about" section on the site is written in quite broken English and claims the business is based in San Francisco. However, a simple WhoIs lookup shows that the site is registered to "Lyubov Bushmakina" in St. Petersburg, Russia. If that's not a red flag, I don't know what is.
Bottom line: don't buy anything from this site if you're the least bit paranoid of being defrauded. There's a slim chance the site may be a legitimate software outlet, but by "slim chance" I really mean "snowball's chance on the surface of Venus." Always be wary of emails like this that offer to sell you stuff, especially if there's telltale signs it's not coming from who you think it is at first glance.
Update: Commenters have noticed that the email addresses targeted by these phishing attempts are consistent with addresses used to register for MacHeist in the past. In early 2010, MacHeist's then-email processor iContact reported that it was the victim of a security breach that exposed some subscriber email addresses to spammers; it is possible that some of these compromised addresses are now being used for Apple-themed targeted spam. MacHeist no longer uses iContact for email processing.
Share
Categories
We've received several reports today of an email making the rounds that's very likely a phishing scam. The message content is cleverly...
Add a Comment
This is definitely related to Mac Heist - I participated in the 2010 offer, and got this phishing email - the one offering Adobe products. At the bottom of the fake page, all the "Apple" links were links to discounted resellers - like Apple would ever do that!
May 19 2011 at 5:06 PM Report abuse Permalink rate up rate down ReplyYes, I got this as well. Very annoying. Thanks for the tip it was via Macheist.
May 19 2011 at 5:46 PM Report abuse Permalink rate up rate down ReplyI received two of these emails myself.
One from AppStore@apple.com and one from Store@apple.com.
Phishing email that appears to come from Apple can be forwarded as attachments to reportphishing@apple.com
I got the e-mail this morning and was a purchaser of a MacHeist bundle in the past. It was almost convincing on first glance but the e-mail addresses and links exposed by hovering the mouse over the graphics gave it away.
May 19 2011 at 10:18 AM Report abuse Permalink rate up rate down ReplyI've received this email every morning for the last four days, coming from store@apple.com...
Dear Apple Store Customer,
Your Order ID:6309-52457 (order status) has been successfully canceled.
You can also contact Apple Store Customer Service or visit online for more information.
Visit the Apple Store to purchase Apple hardware, software, and third-party accessories.
To purchase by phone, please call 1-800-MY-APPLE.
That's the EXACT message I got.
May 19 2011 at 11:24 AM Report abuse Permalink rate up rate down ReplyI got one similar to this yesterday.
Thankfully it was already in my spam folder so I was immediately suspicious.
It was from an @apple.com address saying my recent purchase order was cancelled, and it gave an order number I could click on.
Not about to click on it, I copied down the order number, and went directly to apple's site and when I tried to enter in the order number. There were too many digits to enter so I knew it was a fake.
Thankfully I was suspicious from the start. It did have a very convincing look to it. I've been hyper sensitive with fraud recently with the whole Playstation debacle. When I saw this email I was afraid someone stole information and went on an Apple shopping spree.
Luckily, I realized it was just a scam to trick me, and I marked as such and deleted the message.
Got one from them,saying I needed to update ical to continue to be able to sync calendars
May 19 2011 at 8:41 AM Report abuse Permalink rate up rate down ReplyInteresting that the from email address is considered a phishing indication. It is the most easy to forge (assuming the phisher is not interested in a reply).
The best warning of phishing is the fact that it is an unsollicitated email. Even though that assumption might generate many false positives, it is the only way non-technies can avoid falling for a scam.If you can't stop yourself to check out a promotion, then surf to the website yourself instead of clicking the link.
I got this too.... my main concern was how the images were displayed, when I specifically blocked Sparrow from accessing any server but GMail's, and how it ended up in my inbox when it was addressed TO "-stringofrandomchars-@live.com". I don't even have a live.com e-mail address...
Concerning, at best, annoying at least.
It says at the bottom 'Premium Reseller'
May 19 2011 at 2:27 AM Report abuse Permalink rate up rate down ReplyI got one of these today too. I looked immediately at the from address, and it DID end in "apple.com" ((specifically "Apple " as the from and reply-to), I was still suspicious.
May 19 2011 at 2:14 AM Report abuse Permalink rate up rate down ReplyDeals of the Day
more deals- Targus Truss Case for iPad and iPad 2 for $15 + free shipping
- Apple iPhone 4 8GB for Verizon, AT&T, or Sprint for $50 + pickup at Best Buy
- Unlocked iPhone 4S 16GB for GSM (AT&T, T-Mobile) for $619 + free shipping
- Apple iMac Core i7 Quad 3.4GHz 27" w/ 24GB RAM, 2TB HDD for $2,677 + $29 s&h
- Used Apple Magic Mouse for $36 + $4 s&h
- 9-Piece iPhone Bundle, includes 1,900mAh battery for $8 + free shipping
Software Updates
more updatesFeatured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
21 Comments