Phishing email and IOS 10.3
Discussion
feeling a muppet.
I like to think that I am tech savy.
In short I had a 'apple' email with a PDF bill, telling me they suspected fraudulent action, I opened the PDF on an outlook appon my IPhone running IOS 10.3.
long version.
I had notification that someone in Taiwan was trying to log on with my apple idea and that I should change my password.
I logged onto apple and changed my password and checked authorised devices (I already have two factor turned on)
About 30 minutes later I got an email from 'apple' saying that they had noticed potential fraudulent action and a PDF receipt attached.
I thought IOS was very difficult to get infected, particularly if you have not jail broken it.?
Cheers
Michael
I like to think that I am tech savy.
In short I had a 'apple' email with a PDF bill, telling me they suspected fraudulent action, I opened the PDF on an outlook appon my IPhone running IOS 10.3.
long version.
I had notification that someone in Taiwan was trying to log on with my apple idea and that I should change my password.
I logged onto apple and changed my password and checked authorised devices (I already have two factor turned on)
About 30 minutes later I got an email from 'apple' saying that they had noticed potential fraudulent action and a PDF receipt attached.
I thought IOS was very difficult to get infected, particularly if you have not jail broken it.?
Cheers
Michael
I don't think iOS is infected (in fact I am sure of it) but what you have done by clicking the link/PDF is send a "message" back (i.e. like a confirmation read receipt) telling the scammers that your e-mail address is a real one so they will then try further to guess your password etc. You have 2FA on and have changed your password (I hopeeither via the settings or the proper Apple ID site?) so I wouldn't worry about it.
I get these emails that pretend to be from Apple all the time, they get sent to an email address that is not associated with my Apple account so I just delete them.
I also got one today with a PDF attachment, just be glad you did not open that attachment on a real computer. That PDF file has a malicious payload that may contain ransomware, keyloggers and other dodgy material. If the email is the same as the one I got then it was quiet obviously fake if read in more detail, as it is full of spelling mistakes and gramma errors.
Chances are the other email you received may have also been fake, if you clicked on any links within that email and entered anything at all in any webform, then I would be resetting passwords, memorable info etc. directly from Apples website.
I also got one today with a PDF attachment, just be glad you did not open that attachment on a real computer. That PDF file has a malicious payload that may contain ransomware, keyloggers and other dodgy material. If the email is the same as the one I got then it was quiet obviously fake if read in more detail, as it is full of spelling mistakes and gramma errors.
Chances are the other email you received may have also been fake, if you clicked on any links within that email and entered anything at all in any webform, then I would be resetting passwords, memorable info etc. directly from Apples website.
crmcatee said:
Never open PDF's (or any other attachment) in an email that looks suspicious.
I would normally avoid doing this.On this occasion I had a some trying to access my apple account then 30 minutes later the email came through, and I clicked before thinking! Even looking at the sender address it doesn't normally look that legit.
I assume it was probably coincidence or possibly a spear phishing attack?
From what I've read as I've opened this on a non jail broken iPhone running 10.3, I should be fine
If I'd opened this on a windows laptop with no protection it might have been different, suffice to say I have changed passwords, cleared all cache and power cycled my router
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff