I got three of these today. There are a bunch of clues that they’re not legit. First, there’s no Apple logo (easy enough to fake, but still…). Second, the Apple ID it says was used is not my Apple ID. Third, the From addresses are not at apple.com (again, easy to fake so why not take the time?). But of course the biggest clue is that if you hover over the “Learn More” links you’ll see that they don’t point Apple domains. This post says they lead to hacked accounts that will bounce you to a Russian online drug store.
Senders:
Apple [noreply@conestoga.net]
Apple [noreply@shaw.ca]
Apple [noreply@icqmail.com]
Subject:
Your Apple ID was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5
Text:
Dear Customer,
Your Apple ID (robert@rlweiner.com) was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5.
If you have not recently set up an iPhone with your Apple ID, then you should change your Apple ID password. Learn More.
Got this same this this morning.
You can add noreply@online-prescribe.net to the list of senders.
The rest of the message is word for word.
but does anyone know if you accidentally click on the “learn more” does it download malware onto your computer?
According to the link I posted, this one just takes you to a pharmacy site. But if you did click, run a malware scan on your computer just to be safe.
You can add noreply@cybelius.com to the list, I do not have an Id as they claim, the learn more goes to edificiopaola.com/promet/safe/ I highly doubt the “/safe” part of the link, second one in 2 days…
I’ve received three of these over the last two days, all from different addresses:
noreply@ensica.fr
noreply@bengreen.co.uk
noreply@budgetblinds.com
The “Learn More” link leads to three different sites as well. I’ve not clicked on any of them.
Apple no reply@adobe.com just came through today so be careful. It was asking me to reset my account and payment details