Security: Phishing Email Purporting to be a Password Reset Notification

Playing off the now-common practice of companies sending emails for logins from new IP addresses and so on, this latest type of phishing email is very dangerous.

NEVER CLICK ON LINKS in EMAILS (in general), particularly ones like this.

Evil phishing email purporting to be a password reset request notification

This one even uses a font similar to what Apple uses:

Evil phishing email purporting to be a password reset request notification

Well, almost never; if it arrived right after you yourself requested a password reset—that’s a reasonable case. Otherwise, if you were born yesterday and actually think it is legit, go to the claimed site by entering the web address manually, e.g., type in apple.com or whatever.

In MPG’s view, Apple Mail is remiss in not adding technology to counter such emails, if only popping up a little display with the URL when the link is moused-over. It’s just insane in this day and age to not have much better intelligence in Mail softtware—self driving cars while phishing runs rampant?

See also:

• Security articles and blog posts
• Apple Mail Security: Disable Loading of Remote Content
• Apple Mail Security: Viewing Mail Headers
• Setting Up Your Mac For Better Security