Friday, November 2, 2018

Apple Phishing Email - RE: [New Statement] Your account has been locked due to suspicious activity CASE ID : [FWD.] [Update Report]

For the record, this is an Apple phishing email attempt that is recently going around and made it through spam filters. What to do?  Report them, goto bottom of page.


From : Apple Service

Subject : RE: [New Statement] Your account has been locked due to suspicious activity CASE ID : [FWD.] [Update Report]

ATTACHED DOCX CONTENTS - ALWAYS OPEN WITH WORD VIEWER ONLINE

 AρρleID Locked Aggrement

 We emailed you a little while ago to ask for your help resolving an issued with your AρρleID, Your AppleID is still temporarily Locked for security reason.

 If you or someone else enters your password, security questions, or other account information incorrectly too many times, Your AρρleID automatically locks to protect your security. You can unlock your Aρρle ID after you verify your identity.

 We want to work with you to restore your account as quickly as possible.

 What will happen if your AρρleID has been Locked?

 * You can’t make payment

 * You can’t access personal data that are associated with the your AρρleID

 How can you unlocked your AρρleID

 You must login to Your AρρleID to the following link (https://aρρleid.aρρle.com/account#!&Page=UnlockPHISHING LINK 

https://www.appidaccountmanageinformationupdatetsatsa.com/?sign


 Follow Step by step to Unlock your AρρleID.

 If you have not signed recently and Believe someone may have accessed your account, Go to AρρleID (https://iforgot.aρρle.com/password/verify/aρρleid) and change your password as soon as possible.

 Sincerely,

 Aρρle Support

 Note: If the informations above looks familiar, you can ignore this message

It contains infected DOCX file: Doc_UserNotice.docx

PHISHING LINKs;  

1. (https://aρρleid.aρρle.com/account#!&Page=UnlockPHISHING LINK 

https://www.appidaccountmanageinformationupdatetsatsa.com/?sig

 How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 

Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.
Posted by metadataconsulting (profile) at 12:00 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)