Monday, June 4, 2018

Apple Phishing Email - Re : [ Reminder ] [ Summary User Control ] [ Alert ] New Statement Updated to reset your Logged in password!!

For the record, this is an Apple phishing email attempt that is recently going around and is first one to appear in my inbox for 2018, that made it through the filters.

What to do?  Report them, go to the bottom of page.

From: Secure@apple.com [nno-rrreplyy1.2@disable2.com]
Subject:  Re : [ Reminder ] [ Summary User Control ] [ Alert ] New Statement Updated to reset your Logged in password!!
Sent : Jan 02, 2018

Dear xxx@outlook.com


This message has been generated automatically and must reply within 24 hours.
It has come to your your that attention. We may update section 7 of the privacy policy and security even have for no one can access to the account, but you've tried to access your account from several different places, which led to a temporary locked on your account so what we can communicate to you, Please follow the intructions until you protect your account with the new anti-fraud system. We apologize for any inconvenience.
Update Now  
PHISHING LINK >  https://service-lock-account-verify.net

Link does not work?
Try again may be affected by the speed of the internet or the site
For More information, See our frequently asked questions.

Thanks,

Apple Customer Support


Microsoft SmartScreen 

Here's how the link look like in Outlook.com, it's usually wrapped in a SmartScreen forwarding URL that check for the validity and security of the link, such as

https://nam01.safelinks.protection.outlook.com/?url=https://service-lock-account-verify.net

BUT THIS WAS NOT! LOOKS like Microsoft SmartScreen  is disable now in Outlook.com

The actual link is 

https://service-lock-account-verify.net

Here's how the phishing site looks




How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the amazon.ca site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from amazon.ca.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 


Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.

No comments:

Post a Comment