Phishing is a form of social hacking; the hackers try to get people to divulge their email addresses, passwords, and other key information by sending out fake emails that are usually from email addresses in Russia (sorry, Russian readers, but it’s true…). Yesterday I received a phishing email that was so execrably bad that I just had to share it with readers of Apple World Today. Here’s the email:
What’s wrong with this? Everything.
What’s “right” with it? One thing.
Usually, you can right click on the email address in a phishing email and it will be from some “.ru” email address although it shows an official-looking return address tag like “Apple iCloud Account Services”. These guys used “Apple Service ID” (which is so fake sounding it’s ridiculous), and right-clicking shows the address to be the somewhat believable “no-reply@mail.apple.com”. That makes no difference; what they want people to do is click on that red link marked “Save it for me” — which you should NOT do.
If you click on that link, you are sent to a web page at the following address:
https://webbitgifts.com/A
which of course has NOTHING to do with Apple. Once again, you can determine the destination of a link by right-clicking it (on a Mac) or tapping-and-holding it (on an iOS device). Now the web page that this address redirects to actually looks like the Apple ID page. Don’t be fooled! Once again, check the address in the Safari or Chrome address bar:
http://appleid.apple.com.account.manage.wets.myapleid.woa.wa.directt.myappleid.woa.25napplic2faccount.25napplic2faccountmasdfhjkoa9limg234567890.webbitgifts.com/index/index/src/index/index.php?api=_login-detail&session=5e930e2e937433992f627e7354c50e8d&wait=d1ab2555a560ea018f8d04333f6cd5b6eace2480
First, Apple will never use just an “http” address. All Apple websites are prefixed with https, meaning that a secure certificate is in use. Second, read past the “appleid.apple.com” and eventually you get to the same “webbitgifts.com” domain name — that’s not Apple.
What should I do with this email if I receive it?
Trash it immediately, or even better, mark it as spam. Don’t worry — valid Apple emails will still come through but anything from “webbitgifts.com” will end up in your junk folder.
Stay safe out there, friends!
Apple illegally interrogated staff at its World Trade Center store in New York City, the…
In a note to clients — as noted by MacRumors — analyst Jeff Pu says…
2025's iPhone 17 line-up rumored to see a boost in RAM.
Five new games are arriving on Apple Arcade, including "Legends of the Multiverse."
The iPhone 15 Pro Max was the best-selling smartphone in quarter one.
Worldwide tablet sales have increased "modestly," and iPad sales are expected to shoot up this…