Mac, iPhone and iPad users get inundated with phishing attacks that appear to be official Apple emails but are in fact attempts to steal your Apple ID password. These fake emails play on emotions to get you to click on false links and then enter your password or download some malware. Take a look at some common examples. Thanks to those who contributed these examples!
Comments: 16 Responses to “Learn to Avoid Phishing Attempts”
Sharon Beck
7 years ago
This post is so great in it's visuals and it's explanation, that I'm going to put a newsletter out on just this link of yours and tell all of the 262 people on my list, that they need to get to know you and your work, by watching this link. Then I'm going to give the the link. I think everyone needs to see this video of yours but especially Seniors. And bringing them technical understanding of their iOS devices is my passion in life. Thank you Gary, I am a big fan.
Joe Finkelstein
7 years ago
Gary, Great stuff and so important. Already sent this on to a number of my friends.
Marvin Welborn
7 years ago
the oddity of all this is I've notified Apple of these 'several' attempts on me, but have never received 'any' acknowledgement from Apple. It's like a Black Hole I'm talking to.
Marvin: You won't get any response from Apple. They'd need a staff of dozens (hundreds?) to respond to these reports if they were going to do that. Same from any major email provider. They simply put your email into a database and use that data to help make their filtering models better. That's a guess. So it does help a little, but personally I don't bother to report these. I just delete and move on with my day.
Shirley
7 years ago
I select the message in the list and go to the Message Menu and send these to "reportphishing@apple.com" (with out the quotes). I do notice that the number of these phishing emails diminishes after doing several of these.
Shirley: There's definitely no relation to the number of phishing emails you get and your use of reportphishing@apple.com. At best, forwarding to reportphishing@apple.com just gives Apple more data. But it won't affect you directly.
Patrick J Mele
7 years ago
I use the hover method for seeing hidden addresses and found suspect sites. I'm curious if I could add a Rule in the Mail app for hidden or suspect addresses
Patrick: Since they change these spam sites all the time, there's no point in trying to create rules. It would be different next time.
Anne Burke
7 years ago
Timely advise Gary. We all get lazy at times or forget to check.
Thank you for the wake up call.
Jeff White
7 years ago
If in doubt, I always proofread the message carefully. Most phishing emails will have spelling, punctuation, or grammatical errors. In Gary's draft example, the subject line uses a hyphen in Apple-ID, which is non-standard punctuation. Apple ID again appears in the first line of the text, but without the hyphen. Inconsistency! It's followed by a comma, which is completely unnecessary. A clear fake!
Jeff is right in that almost all phishing emails have these mistakes in them. But don't use that as a way to detect them. Then all it would take would be one perfect fake and your password would be compromised.
Lubomir
7 years ago
wow...this was fantastic topic!!! I hope I'll learn something from it! Thanks,Gary and may God bless you and your family
Karen Brown
7 years ago
The example you showed with the $420,00 would tell me, not that it was a mistake, but that it came from somewhere in Europe—from someone who may be able to put in the $ sign, but isn't smart enough to know that we use a period between dollars and cents, not a comma!
Karen: So the thing to worry about is, what if next time the price is reasonable? Like $39.95? And everything is spelled correctly and perfect? We still need to be on guard and not rely on these "tells" to determine what is real.
Jasper
7 years ago
I get heaps of phishing attempts on one email account but NEVER on my iCloud account. I think the reason is that the phished account is based on my name at a well-known domain, so phishers can guess my address might be real. My iCloud account and its aliases don't contain my name. They were created with a password generator and are unlikely to be guessed. I only use icloud aliases so that if one got bad I can change it.
Janet grant
7 years ago
Very informative,I found Apple care very helpful and now I know just to delete them.
I was not aware that Siri was so versatile .
This post is so great in it's visuals and it's explanation, that I'm going to put a newsletter out on just this link of yours and tell all of the 262 people on my list, that they need to get to know you and your work, by watching this link. Then I'm going to give the the link. I think everyone needs to see this video of yours but especially Seniors. And bringing them technical understanding of their iOS devices is my passion in life. Thank you Gary, I am a big fan.
Gary, Great stuff and so important. Already sent this on to a number of my friends.
the oddity of all this is I've notified Apple of these 'several' attempts on me, but have never received 'any' acknowledgement from Apple. It's like a Black Hole I'm talking to.
Marvin: You won't get any response from Apple. They'd need a staff of dozens (hundreds?) to respond to these reports if they were going to do that. Same from any major email provider. They simply put your email into a database and use that data to help make their filtering models better. That's a guess. So it does help a little, but personally I don't bother to report these. I just delete and move on with my day.
I select the message in the list and go to the Message Menu and send these to "reportphishing@apple.com" (with out the quotes). I do notice that the number of these phishing emails diminishes after doing several of these.
Shirley: There's definitely no relation to the number of phishing emails you get and your use of reportphishing@apple.com. At best, forwarding to reportphishing@apple.com just gives Apple more data. But it won't affect you directly.
I use the hover method for seeing hidden addresses and found suspect sites. I'm curious if I could add a Rule in the Mail app for hidden or suspect addresses
Patrick: Since they change these spam sites all the time, there's no point in trying to create rules. It would be different next time.
Timely advise Gary. We all get lazy at times or forget to check.
Thank you for the wake up call.
If in doubt, I always proofread the message carefully. Most phishing emails will have spelling, punctuation, or grammatical errors. In Gary's draft example, the subject line uses a hyphen in Apple-ID, which is non-standard punctuation. Apple ID again appears in the first line of the text, but without the hyphen. Inconsistency! It's followed by a comma, which is completely unnecessary. A clear fake!
Jeff is right in that almost all phishing emails have these mistakes in them. But don't use that as a way to detect them. Then all it would take would be one perfect fake and your password would be compromised.
wow...this was fantastic topic!!! I hope I'll learn something from it! Thanks,Gary and may God bless you and your family
The example you showed with the $420,00 would tell me, not that it was a mistake, but that it came from somewhere in Europe—from someone who may be able to put in the $ sign, but isn't smart enough to know that we use a period between dollars and cents, not a comma!
Karen: So the thing to worry about is, what if next time the price is reasonable? Like $39.95? And everything is spelled correctly and perfect? We still need to be on guard and not rely on these "tells" to determine what is real.
I get heaps of phishing attempts on one email account but NEVER on my iCloud account. I think the reason is that the phished account is based on my name at a well-known domain, so phishers can guess my address might be real. My iCloud account and its aliases don't contain my name. They were created with a password generator and are unlikely to be guessed. I only use icloud aliases so that if one got bad I can change it.
Very informative,I found Apple care very helpful and now I know just to delete them.
I was not aware that Siri was so versatile .