using apple-authorize-uk.com, apple-authorize.com and uk-apple-verify.com
The Apple phishing emails,which were reported on the blog earlier, are the same... just using different
domains.
Lots of different From addresses and Subjects.
Sample Message headers:
From: "Apple Org" {support@apple.cm}
Subject: Account temporarily suspended - action required
From: "AppleID Support" {support@apple.cm}
Subject: Your Apple account requires verification
From: "Your Apple support" {zonaprieta@moldran.com}
Subject: Account information expired
From: "Apple Co" {skearney@packeteer.com}
Subject: Account deactivated - action required
From: "Apple Org" {support@apple.cm}
Subject: Account information update required
From: "Apple support" {mclean@libtrade.com}
Subject: Your account information needs to be updated
From: "AppleID Support" {angie.gonzalez@investrmi.com}
Subject: Billing information update required
From: "Apple Ltd" {support@apple.cm}
Subject: Please update your account details
From: "Apple Co" {webmaster@sbcglobal.net}
Subject: Please confirm your billing details
From: "AppleID Support" {support@apple.cm}
Subject: Apple account verification required
From: "Your Apple support" {support@apple.cm}
Subject: Please update your account details
From: "Your Apple support" {support@apple.cm}
Subject: Billing information expired
From: "Apple Org" {enji_murata@jedstock.com}
Subject: Billing information update required
From: "Your Apple support" {support@apple.cm}
Subject: Account verification failed
From: "Apple SarL" {support@apple.cm}
Subject: Please confirm your account details
From: Apple Co }support@apple.cm}
Subject: iCloud Account verification failed
Sample Message body:
Dear customer,It has come to our attention that the Billing Information associated with your account are out of date. To maintain account safety and to ensure that the account is in the right hands it is required for you to update your Billing information.Failure to update your records within 7 days will result in account termination.Click on the reference link below and update your billing information on the following page to complete account verification:Thanks,
Apple Customer Support
The above link to Apple site, doesn't take you there but instead takes you to a fake phishing site:
The fake phishing site above looks like this:
http://apple-authorize-uk.com
http://apple-authorize.com
http://uk-apple-verify.com
The fake apple domain was recently set-up, details here:
The fake phishing site will also ask you to hand over your credit card details too....
Domain Name: APPLE-AUTHORIZE-UK.COM Registry Domain ID: 1893957567_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tldregistrarsolutions.com Registrar URL: http://www.tldregistrarsolutions.com Updated Date: 2015-01-04T15:37:30Z Creation Date: 2015-01-04T05:12:30Z Registrar Registration Expiration Date: 2016-01-04T05:12:30Z Registrar: TLD Registrar Solutions Ltd. Registrar IANA ID: 1564 Registrar Abuse Contact Email: abuse@tldregistrarsolutions.com Registrar Abuse Contact Phone: +44.7546458118 Reseller: Domain Status: clientTransferProhibited Registry Registrant ID: Registrant Name: Dawid Nowak Registrant Organization: Registrant Street: 531 HOOVER STREET Registrant City: Napa Registrant State/Province: California Registrant Postal Code: 94559 Registrant Country: US Registrant Phone: +1.4850649783 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: d.nowakk91@wp.pl
Cheers,
Steve
Sanesecurity.com
No comments:
Post a Comment