Thursday, September 6, 2018

Apple Store Phishing Email - Reminder: Your recent purchase Soul Hunters - Assassin's AGE - 4000 Diamonds Pack. Wednesday - 05/09/2018

For the record, this is an Apple phishing email attempt that is recently going around and made it through spam filters. What to do?  Report them, goto bottom of page.





From : Apple Support

Subject : Reminder: Your recent purchase Soul Hunters - Assassin's AGE - 4000 Diamonds Pack. Wednesday - 05/09/2018

 Dear Customer,

 Your Apple ID, has just been used to purchase Soul Hunters -

 Assassin's AGE from the App Store on a computer or a device

 that had never been associated with that Apple ID.

 Date: Wednesday, September 5, 2018

 Browser: Chrome

 Operating System: 11.4

 If you did not make this purchase or you believe an

 unauthorized person has accessed your account, Please find

 the document attached to cancel your purchase without delay.

 Sincerely,
Apple Support

It contains infected PDF files: SoulHunters-XXXX.pdf

Uploading to http://jsunpack.jeek.org/ to detect the PDF JavaScript malware we find malicious embedded JavaScript and a 

 PHISHING LINKs behind  "Report a Problem"

1. https://source-notice.app-receipt15.com/
2. admin jaro <admin@orderan.business>  found email in image











How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 

Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.
Posted by metadataconsulting (profile) at 6:00 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)