I’m suspicious, I got an email from Apple Computer saying that the company needed me to go onto the Web site and validate my account information. Is this legit?
One of my mantras here at AskDaveTaylor is that if you have to ask, it’s not legit and that applies well in this situation. If Apple needs confirmation, you can log in to your Apple account via the iTunes program and know that you’re safe, it’s all legit and you’re really communicating with Apple, not some scammer or bad guy.
The email you got is likely similar to one I received a few days ago too, requesting that I “Visit the My Apple ID website” and “Validate your account information”. Upon closer examination, however, it’s clearly bogus and just a pesky phishing attempt from someone who wants to steal my account information and hijack my Apple account. Not good!
Let’s start with the message itself, because they always have clues about their bogus nature:
Looks somewhat reasonable, other than missing some graphics that are present in all Apple email. But my email program helps me know it’s fake because I can check both the address from which the message was sent and the destination for the “Visit the My Apple ID website” link.
First the sending address:
The first part, “apple.id” might be almost believable, but the domain name? Why would Apple be sending email from a domain called “apple.id.en.com” rather than “apple.com”?
Scammers can fake a sending address, however. The far bigger clue is the link they ask you to click:
We can be completely sure that Apple would never point you to a Web page on “sonacommercial.com” and even if the company did, it wouldn’t be a page buried in “skin/frontend/default/german/images/js/”, of all places!
But let’s say you didn’t pay particularly close attention and clicked…
You’d find that you didn’t even end up on sonacommercial.com but were bounced to an even more dicey domain: “spiritofarabia.com”, as shown:
It all certainly looks legit if you don’t pay extra close attention to the page, doesn’t it?
But that domain — and the lack of a secure lock icon — gives this away in an instant.
But you’re still not paying attention and you actually “sign in” with your legit account and password credentials. Someone, somewhere, does a short dance for joy just before they sit down and hijack your account, but what you see is this:
This is an identity theft home run if you fill this out, of course, but hopefully somewhere along the way you’ve gotten a sense of foreboding and stopped the madness!
If you did make the mistake of logging in with your real Apple ID account credentials, immediately launch iTunes, go to your account information (off the “Store” menu), and change your password! And next time? Pay closer attention before you click.
