Anyone changed their Apple ID recently?
Discussion
I did today - the confirmations from Apple came from:
appleid@id.apple.com
and
appleid_gben@email.apple.com
I'm sure they're fine but I've convinced myself that they're not genuine Apple addresses! Anyone know where the confirmations come from?
I was also directed here:
https://idevicedepartment.co.uk/managemyappleaccou...
Which doesn't look right either.
appleid@id.apple.com
and
appleid_gben@email.apple.com
I'm sure they're fine but I've convinced myself that they're not genuine Apple addresses! Anyone know where the confirmations come from?
I was also directed here:
https://idevicedepartment.co.uk/managemyappleaccou...
Which doesn't look right either.
The email addresses *look* ok (i.e. have the right domain in them), but are easily spoofed.
The website is completely and utterly fake though. It didn't exist until today and is registered to someone on Merseyside.
You have been phished. Call your card issuer to report it IMMEDIATELY, then go to the real apple site and take action NOW. Do not stop to post on this thread. Do not make a brew. Do not tell anyone else. Just get it sorted now.
A tip for the future - start by entering a fictitious id and password which follow the correct format. Fake sites will "log you in" so they can capture more details, real sites will reject you.
The website is completely and utterly fake though. It didn't exist until today and is registered to someone on Merseyside.
You have been phished. Call your card issuer to report it IMMEDIATELY, then go to the real apple site and take action NOW. Do not stop to post on this thread. Do not make a brew. Do not tell anyone else. Just get it sorted now.
A tip for the future - start by entering a fictitious id and password which follow the correct format. Fake sites will "log you in" so they can capture more details, real sites will reject you.
Edited by marshalla on Tuesday 2nd September 21:47
Edited by marshalla on Tuesday 2nd September 21:49
That's interesting - thanks for looking.
I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
NDA said:
That's interesting - thanks for looking.
I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
Probably filled in automatically by your browser.I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
Edited by marshalla on Tuesday 2nd September 21:52
marshalla said:
Probably filled in automatically by your browser.
If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
Golly - I got the right PH'er on the end of my thread! If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
Edited by marshalla on Tuesday 2nd September 21:52
I have changed my Apple ID and, via iTunes (on my Mac) it asked me to enter my credit card code (it already had the card number). This was via iTunes and therefore secure.
I have not entered my card details on that fake page.
Yikes! Feeling a bit wobbly.
NDA said:
Golly - I got the right PH'er on the end of my thread!
I have changed my Apple ID and, via iTunes (on my Mac) it asked me to enter my credit card code (it already had the card number). This was via iTunes and therefore secure.
I have not entered my card details on that fake page.
Yikes! Feeling a bit wobbly.
At least you checked here first and seem to have had time to act before they did.I have changed my Apple ID and, via iTunes (on my Mac) it asked me to enter my credit card code (it already had the card number). This was via iTunes and therefore secure.
I have not entered my card details on that fake page.
Yikes! Feeling a bit wobbly.
I've reported the domain to Nominet directly so they can log it, block the registrant and act against the registrar if necessary.
marshalla said:
At least you checked here first and seem to have had time to act before they did.
I've reported the domain to Nominet directly so they can log it, block the registrant and act against the registrar if necessary.
Good work - thanks.I've reported the domain to Nominet directly so they can log it, block the registrant and act against the registrar if necessary.
I'm still left with some anxiety that I've been hacked. The false page loaded up my email address and password automatically - but I didn't click through/'submit'.
marshalla said:
Probably filled in automatically by your browser.
If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
I remember there was an old "swatting" link about which did the same sort of thing for a search on the FBI computers.If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
Edited by marshalla on Tuesday 2nd September 21:52
It was down to the website design, where it wouldn't pass details through via a form, it would just create a link with a ...com/search keyword = " " etc.
It would then be hidden as a short google link, and posted about.
gpo746 said:
Can I just say a really BIG GENUINE THANK YOU to Marshalla for being so helpful and so blunt with the OP
Its posts like these that reaffirm my belief that fundamentally people on here like to help others
Totally well done .
I'm an arrogant miserable loudmouth, but mostly harmless Its posts like these that reaffirm my belief that fundamentally people on here like to help others
Totally well done .
marshalla said:
NDA said:
That's interesting - thanks for looking.
I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
Probably filled in automatically by your browser.I have changed my password and iTunes, iMessage, iCloud etc are all working. That weird page does have some details on me correctly (home address, phone number and the serial numbers of a couple of Apple products I own). But I'm now not sure if my Apple account has been hacked or not.
If you entered your credit or debit card details into that site - get on the phone to the card issuer too.
ROFL - just had another look at it and entered some new fake details - the "log in" now redirects me to a Google Search for "Free Child Porn". Nice try - if only they knew what I do for a living.
Edited by marshalla on Tuesday 2nd September 21:52
They've obviously given up phishing. Scum.
gpo746 said:
Can I just say a really BIG GENUINE THANK YOU to Marshalla for being so helpful and so blunt with the OP
Its posts like these that reaffirm my belief that fundamentally people on here like to help others
Totally well done .
Yes indeed.....Its posts like these that reaffirm my belief that fundamentally people on here like to help others
Totally well done .
PH'ers are a good lot when you need them - there are a lot of skills lurking here. Which is why I wanted to check.
I'm alive to Phishing, but this time it nearly caught me as it coincided with an Apple purchase.
marshalla said:
A tip for the future - start by entering a fictitious id and password which follow the correct format. Fake sites will "log you in" so they can capture more details, real sites will reject you
Unless it eithera) Proxies through to the real site and just sits in the middle of the entire conversation.
or
b) Always tells you that the details are wrong and then re-directs to the real site so you never realise you were phished.
I really should get round to taking up that life of crime. Although I suspect 'give us your Facebook password for a chance to win an iPad' would work just as well.
I think its best to never trust a link in an email as a route to login - type the address yourself.
maffski said:
Unless it either
a) Proxies through to the real site and just sits in the middle of the entire conversation.
or
b) Always tells you that the details are wrong and then re-directs to the real site so you never realise you were phished.
I really should get round to taking up that life of crime. Although I suspect 'give us your Facebook password for a chance to win an iPad' would work just as well.
I think its best to never trust a link in an email as a route to login - type the address yourself.
Most of the scammers aren't smart enough to use the proxy method, and entering a bad ID first will bypass the second. BUT - you are completely correct to advise that nobody should ever click on a link in an email (or on a forum).a) Proxies through to the real site and just sits in the middle of the entire conversation.
or
b) Always tells you that the details are wrong and then re-directs to the real site so you never realise you were phished.
I really should get round to taking up that life of crime. Although I suspect 'give us your Facebook password for a chance to win an iPad' would work just as well.
I think its best to never trust a link in an email as a route to login - type the address yourself.
Frankly, I wish companies would stop putting links in email - it just encourages bad habits. When I'm dictator for life, my first edict will involve banning this practice and application of fire to very tender body parts for the board of any company which does it.
marshalla said:
Quick update - it looks like the registrar has suspended the domain, but the entries are still in DNS, and the hosting company are refusing to take action (won't name them, but if you look at the nameservers you'll see who they are). It *should* fall off the 'net soon.
That's great you followed up - thanks, from me and whoever else might have nearly been scammed.We tend to think of phishing as rogues chancing their luck - but the truth is that it's theft of hard earned cash. I shouldn't have had 30 minutes of blind panic.
Anyhoo, moment passed. Thanks so much for your advice - really helpful and appreciated.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff