Damn phishing attack/spammer

[amirm]

My Outlook mail client is pretty good at filtering almost all spam/phishing attacks. But there is one claiming that my Apple ID has been compromised which surprisingly keeps getting through. The latest incarnation though cracked me up. This is the "from address" that is supposed to be from Apple:

Idiots.

I hope none of you click on the enclosures on this. Immediately delete them and if you have an Apple account, report it to them. I did that but hasn't done any good. Apple should put out a formal bulletin to news sites about this since it is getting through both hotmail and outlook filters. And is exceptionally well written unlike a lot of these spams:

Again, DO NOT click on that Log In link. Or any enclosures. Delete immediately.

Above are screen snapshots so they are safe.

 

[Sal1950]

Never fear, Linux here.

 

[amirm]

Oh, they will get you on Linux too. That link will take you to a page to ostensibly log into your Apple account. When you do, then they will harvest your Apple ID and login and sell that in market for real money. Next thing you know, you get a real bill from Apple for buying every track Air Supply ever produced!

 

[Jinjuku]

The ones that get most people are when some one you know has their email account hacked. I've yet to fall for it because 1. I have good filtering setup 2. I always look at the raw link 3. I use managed DNS (Open DNS).

Never fear, Linux here.

You would be just as compromised.

 

[amirm]

I am not familiar with managed DNS. Does it have white and black list of sites?

 

[Sal1950]

Oh, they will get you on Linux too. That link will take you to a page to ostensibly log into your Apple account. When you do, then they will harvest your Apple ID and login and sell that in market for real money. Next thing you know, you get a real bill from Apple for buying every track Air Supply ever produced!

Oh fishing, I didn't read your post completely, thought it just another malware/virus link.
GMail has been pretty good at catching this stuff but any client can be compromised.
A shame many people are so vulnerable to this type of stuff.
The most basic computer security measures would avoid being sucked in, but Joe Citizen just doesn't have the basic background knowledge to protect themselves.
Some even send money directly to TV evangelists.

 

[Blumlein 88]

Oh, they will get you on Linux too. That link will take you to a page to ostensibly log into your Apple account. When you do, then they will harvest your Apple ID and login and sell that in market for real money. Next thing you know, you get a real bill from Apple for buying every track Air Supply ever produced!

Well at least you get some good music out of it that way.




(DUCKS head now....)

 

[amirm]

Everyone together.... "Making Love Out of Nothing At All"

 

[Don Hills]

... And is exceptionally well written unlike a lot of these spams: ...

Better than average, but still a dead giveaway in each paragraph.

 

[Jinjuku]

I am not familiar with managed DNS. Does it have white and black list of sites?

It can depending on the level of service you subscribe to. I like to integrate Open DNS into my Active Directory sites that I setup. It's a tedious process but it's better then getting crypto-ware.

The other thing I would like to be able to do more often is use AppLocker in Group Policy to white list applications. But M$ in their unrelenting 'wisdom' only makes this security apparatus available in Enterprise and Ultimate Editions. Not even Pro for pete's sake. But they recommend 'Users' use AppLocker to be preventative in threat mitigation. Sigh.

 

[Sal1950]

You guys think there might be something phishy about this email from PayPal?


Dear customer you need to update your account information for more protection :

Hello PayPal Customer,

We are sorry to inform you that you can not access all your paypal advantages like sending money and purchasing,due to account limitation .

Why my account PayPal™ is limited?
Because we think that your account is in danger from stealing and unauthorized uses .

What can I do to resolve the problem?
You have to confirm all your account details on our secure server by click the link below or (copy & past) the link into your browser and following all the steps. If The Link Don't Work On Gmail Please CLick On ("Non-Spam" & "The Show Images Noted Below" [Afficher les images ci-dessous]) due to our new security update. Thanks



Update your account :

1. Easy to complete your operation banking.
2. Ensure better services

Update

 

[amirm]

The starting like should be, "Hello Potential Victim,"



Amir

 

[cjf]

Even worse, people actually click on this stuff.

I'd be willing to bet that these are the same people who decide to drive 20mph under the speed limit as soon a few drops of rain start to fall on the road.

Watch out, its a jungle out there!