Don’t Get Suckered In By Spam Email (Phishing) #2

See also the previous example of email phishing.

Some people are still easy prey, which is why such emails are still sent. This phishing attempt is incompetent (contains basic grammatical errors though many people might not notice) and less sophisticated than some phishing attempts, but still good enough to trick quite a lot of people.

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

• NEVER CLICK ON LINKS IN EMAIL. Use the phone or manually enter the web site yourself.
• Set Apple Mail to disable automatic loading of content within email. If you fail to do this, remote spammers know they have a “live one”, because the loading of that content is from the evil spammer server.

The email

Classic approach with classic incompetence: an implied threat of some kind (termination of service or similar), usually written with grammatical and/or spelling errors, generic “dear client” (but can be more specific), etc.

Red type are MPG annotations. Even as shown there are giveaways: Apple does not send from “service.com” or have a return path of nobody@lp.linkdatacenter.net. These are obvious clues; look for them for starters, delete immediately if any doubt.

Spam email purporting to be from Apple, with call to urgency, obviously bogus address, etc

The email source code

What’s really going on?

There all all kinds of fishy links here, but the one you’re supposed to get suckered into clicking on goes to some site compromised by hackers.

Source code of spam email purporting to be from Apple, with call to urgency, obviously bogus address, etc