Beware of an email trying to trick you about your APPLE account
 |
    11 years
|
Just got this this morning.
This is the phony APPLE senders email:
appleid.poki24@cl450108x.maintenis.com
DO NOT OPEN OR CLICK ON THE BUTTON !!!!!
X-Apparently-To: melaque???????; Fri, 15 Sep 2017 09:54:01 +0000
Return-Path:
Received-SPF: none (domain of cl450108x.maintenis.com does not designate permitted sender hosts)
X-YMailISG: yDRifxwWLDvFSeXpuISVVyGQQwuuspW.rGSofd_xoQBgIZI.
k8aK8uSEtEAFj1Pn4aUkMbVhxf4riorV9hffcHgdoDNbVuFLhLD.bo..yuVK
xmZdPh8NYmkW9rEsmiv40osg9pQg219Z4YbNvd.1YuRfNWW9cAET.jcnW78D
Hj8OGJX8.ktUtxgH1O43AiVvMIrJ3UB3hzEcMD_AAQJ6djM.6EbJ3VmEQB3G
b1I8gTjFHpbdRXlyJ3u6z.m1Lj8T5ZK.DEm3RV4Osbf0ra8XIPzaFqVYiFnR
0nfd0ZEJHVPiyqFaoMxiBpa3LGtXHbTiNQYoYtu_i5NZY9QXZmo5vd_wqXoO
5y8dUyU3ewHt6_Z8p6zyMubXuVbo32bU7ysZ8R66NffmAhtFC.1jdUZOZikz
yux73BzJ4j3rlACvQy1H64N5v5YrF2sMiuBFf0.x850OctXVEfe.i_IPlhdO
w3Ffv4_xAFPjmeaopTgaEPEc5lRs4CVHwgrHJa1FoxsYKc4uwdv8sQwSdAR7
PedJ7X1Azf8br9hhSV.8HTwoeG1qQ3..GQrEPAnbvLwD46Zez6XN.bcmwtJ0
Kg..tV3IrLXqcYvm_ZSNU1ZmHJUyURho3AQO7nMfDRqvz9AmZCZiVlqNNxzc
kHdbBGkCK0VHt4yvybZ1SQCH_qZ.suceDmHc7DEH8E4bKmnHQXFA6mKen808
PxrgxG8dPnDUE27pEOxW_8ZpuqT.Ejz5cttaKsRtDYAr4MGORMrPVnY1dZgG
569k6qBUCqA0fDFA2UDCh9UFrjSad4PIUyW5Qb.UcQ60e351x5hkiBuNOjiJ
ZOFRdUUSlyobjqEj_4UIgs72snq9qQ8C03m2rIsyISlrsKgu8eIW9v28TFxN
ZYw6_Lr1NxsmHgPyGlRU_F399vIdOiAcktyNr9mjj65xfg9EpE89uwGyvJEf
xd6vkPEOKlPwC._d3DwMVhmhcw38r3qjmLsQc7xtOzG7aFbELf_miy0XBv2C
9Fi70a2kFty4wOcxqmkTSNaMRtUWHGfyvtBjliqk324WVNfeezl2nfy0lays
YwRq2cZbfXQ.FGBfsPbp.5kz1dVYs7MBLg--
X-Originating-IP: [103.25.223.144]
Authentication-Results: mta1025.mail.bf1.yahoo.com from=cl450108x.maintenis.com; domainkeys=neutral (no sig); from=cl450108x.maintenis.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO mxserver15-out4.masterweb.com) (103.25.223.144)
by mta1025.mail.bf1.yahoo.com with SMTPS; Fri, 15 Sep 2017 09:54:01 +0000
Received: from [103.229.72.83] (helo=cl450108x.maintenis.com)
by mxserver15.masterweb.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.89)
(envelope-from )
id 1dsnJs-0008RY-KI
for melaque Fri, 15 Sep 2017 16:53:57 +0700
Received: from k7428142 by cl450108x.maintenis.com with local (Exim 4.89)
(envelope-from )
id 1dsnJs-0007pr-Al
for melaquebound@yahoo.ca; Fri, 15 Sep 2017 05:53:56 -0400
To: melaque
Subject: =?UTF-8?Q?=5b_Statement_New_=5d_Your_Apple_ID_will_be_locked_for_security_reasons?=
X-PHP-Script: www.gekha-ka.co.id/pbbbbki.php for 52.255.48.52
X-PHP-Originating-Script: 747:pbbbbki.php
Date: Fri, 15 Sep 2017 09:53:56 +0000
From: =?UTF-8?Q?Apple_ID?=
Message-ID: <99520bb1aa48bc3bc6208285c2cf88d3@www.gekha-ka.co.id>
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="us-ascii"
X-Originating-IP: 103.229.72.83
X-MasterWebNetwork-Domain: cl450108x.maintenis.com
X-MasterWebNetwork-Username: 103.229.72.83
Authentication-Results: masterweb.com; auth=pass smtp.auth=103.229.72.83@cl450108x.maintenis.com
X-MasterWebNetwork-Outgoing-Class: unsure
X-MasterWebNetwork-Outgoing-Evidence: Combined (0.89)
X-Recommended-Action: accept
X-Filter-ID: PqwsvolAWURa0gwxuN3S5YEa3T7JuZT23fGO2rGt3ZjDcwv/l5wVu6NIegFLfoI3gIJCAZqMgHhQ
H4PwmtV28Z6twEICWEPK1/ZNhwLvFISLBDMrD7q/cJogwbqzsuok887WOQjipuDNRoIpqe6lAOGT
Rz0gGZ0xKrDy7KUp1baAFIbyFgFecVFv/oAIeL16MY0DX5xbm/+aU1q1EnCk7UXDm9fFn8RsoOjp
uruGGJsv0IqaKRpIHCMHf2rlI4d1GaIrGaowdTHcrPjAbIRaUyDyFxuawXr7N+lYnPNBhHbfX8Td
qEXkwxwMjsp2mNApzkDAryZLgkUtQHg9FxrM9cmxH8sko9n8cwIl+4GkPIN+pvlHhV6a5QjptwQB
GybQ+y4vwQYgOfokE3yVSmW7ohTJM/uvTrZAl2FqxZ6MIPZJ0wHdm7pda4ZGClV8gxdbLjPUPjYa
sKin9RZxQZYUnvfqxP2wrE10m1Dp0H1svTNn3J+68H029vl7rG5FcxfozGr4HPVxrg5aKczfTOpu
EvOW6bvL9DC431WlF1LxckwDZnX+rWy5mCa56iD6wTOO0rSSh9BuN/GPUB6YckFiSRxXniIlIPdK
t5UiHuJb18zOKR7srAn9s0o7pKyjnJGI4y7uFlFehHLBvEOjrQnSiFE8s3cN3IrliJyuCmhnKMj+
LAcp3AysVf0vLI0yMWOZI98e/8bpibclsOZSFV0gEoVrbEj4uzuQVm6zT4cAEe7RLEDyjQ2dEt9k
Ey/9dhwD+hnsOIx9tutuG16g49JxOq4287nqPibIb/TlL/ZjgF8P8d19ARexWtGIzk3SGaMDMALL
6gguJE0vXFCYqsLoypSiI2+T+PxwYN2bAIZfjN1kf/432RhTDcVIUZoNqVo3S5oNy3LfmmOQmIEm
t69R+L2ZgMXahWjAKckRUv07jBg=
X-Report-Abuse-To: spam@mxserver1.masterweb.com
Content-Length: 25370
Never ending scammers
Just got this this morning.
This is the phony APPLE senders email:
appleid.poki24@cl450108x.maintenis.com
DO NOT OPEN OR CLICK ON THE BUTTON !!!!!
X-Apparently-To: melaque???????; Fri, 15 Sep 2017 09:54:01 +0000
Return-Path:
Received-SPF: none (domain of cl450108x.maintenis.com does not designate permitted sender hosts)
X-YMailISG: yDRifxwWLDvFSeXpuISVVyGQQwuuspW.rGSofd_xoQBgIZI.
k8aK8uSEtEAFj1Pn4aUkMbVhxf4riorV9hffcHgdoDNbVuFLhLD.bo..yuVK
xmZdPh8NYmkW9rEsmiv40osg9pQg219Z4YbNvd.1YuRfNWW9cAET.jcnW78D
Hj8OGJX8.ktUtxgH1O43AiVvMIrJ3UB3hzEcMD_AAQJ6djM.6EbJ3VmEQB3G
b1I8gTjFHpbdRXlyJ3u6z.m1Lj8T5ZK.DEm3RV4Osbf0ra8XIPzaFqVYiFnR
0nfd0ZEJHVPiyqFaoMxiBpa3LGtXHbTiNQYoYtu_i5NZY9QXZmo5vd_wqXoO
5y8dUyU3ewHt6_Z8p6zyMubXuVbo32bU7ysZ8R66NffmAhtFC.1jdUZOZikz
yux73BzJ4j3rlACvQy1H64N5v5YrF2sMiuBFf0.x850OctXVEfe.i_IPlhdO
w3Ffv4_xAFPjmeaopTgaEPEc5lRs4CVHwgrHJa1FoxsYKc4uwdv8sQwSdAR7
PedJ7X1Azf8br9hhSV.8HTwoeG1qQ3..GQrEPAnbvLwD46Zez6XN.bcmwtJ0
Kg..tV3IrLXqcYvm_ZSNU1ZmHJUyURho3AQO7nMfDRqvz9AmZCZiVlqNNxzc
kHdbBGkCK0VHt4yvybZ1SQCH_qZ.suceDmHc7DEH8E4bKmnHQXFA6mKen808
PxrgxG8dPnDUE27pEOxW_8ZpuqT.Ejz5cttaKsRtDYAr4MGORMrPVnY1dZgG
569k6qBUCqA0fDFA2UDCh9UFrjSad4PIUyW5Qb.UcQ60e351x5hkiBuNOjiJ
ZOFRdUUSlyobjqEj_4UIgs72snq9qQ8C03m2rIsyISlrsKgu8eIW9v28TFxN
ZYw6_Lr1NxsmHgPyGlRU_F399vIdOiAcktyNr9mjj65xfg9EpE89uwGyvJEf
xd6vkPEOKlPwC._d3DwMVhmhcw38r3qjmLsQc7xtOzG7aFbELf_miy0XBv2C
9Fi70a2kFty4wOcxqmkTSNaMRtUWHGfyvtBjliqk324WVNfeezl2nfy0lays
YwRq2cZbfXQ.FGBfsPbp.5kz1dVYs7MBLg--
X-Originating-IP: [103.25.223.144]
Authentication-Results: mta1025.mail.bf1.yahoo.com from=cl450108x.maintenis.com; domainkeys=neutral (no sig); from=cl450108x.maintenis.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO mxserver15-out4.masterweb.com) (103.25.223.144)
by mta1025.mail.bf1.yahoo.com with SMTPS; Fri, 15 Sep 2017 09:54:01 +0000
Received: from [103.229.72.83] (helo=cl450108x.maintenis.com)
by mxserver15.masterweb.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.89)
(envelope-from )
id 1dsnJs-0008RY-KI
for melaquebound@yahoo.ca; Fri, 15 Sep 2017 16:53:57 +0700
Received: from k7428142 by cl450108x.maintenis.com with local (Exim 4.89)
(envelope-from )
id 1dsnJs-0007pr-Al
for melaquebound@yahoo.ca; Fri, 15 Sep 2017 05:53:56 -0400
To: melaquebound@yahoo.ca
Subject: =?UTF-8?Q?=5b_Statement_New_=5d_Your_Apple_ID_will_be_locked_for_security_reasons?=
X-PHP-Script: www.gekha-ka.co.id/pbbbbki.php for 52.255.48.52
X-PHP-Originating-Script: 747:pbbbbki.php
Date: Fri, 15 Sep 2017 09:53:56 +0000
From: =?UTF-8?Q?Apple_ID?=
Message-ID: <99520bb1aa48bc3bc6208285c2cf88d3@www.gekha-ka.co.id>
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="us-ascii"
X-Originating-IP: 103.229.72.83
X-MasterWebNetwork-Domain: cl450108x.maintenis.com
X-MasterWebNetwork-Username: 103.229.72.83
Authentication-Results: masterweb.com; auth=pass smtp.auth=103.229.72.83@cl450108x.maintenis.com
X-MasterWebNetwork-Outgoing-Class: unsure
X-MasterWebNetwork-Outgoing-Evidence: Combined (0.89)
X-Recommended-Action: accept
X-Filter-ID: PqwsvolAWURa0gwxuN3S5YEa3T7JuZT23fGO2rGt3ZjDcwv/l5wVu6NIegFLfoI3gIJCAZqMgHhQ
H4PwmtV28Z6twEICWEPK1/ZNhwLvFISLBDMrD7q/cJogwbqzsuok887WOQjipuDNRoIpqe6lAOGT
Rz0gGZ0xKrDy7KUp1baAFIbyFgFecVFv/oAIeL16MY0DX5xbm/+aU1q1EnCk7UXDm9fFn8RsoOjp
uruGGJsv0IqaKRpIHCMHf2rlI4d1GaIrGaowdTHcrPjAbIRaUyDyFxuawXr7N+lYnPNBhHbfX8Td
qEXkwxwMjsp2mNApzkDAryZLgkUtQHg9FxrM9cmxH8sko9n8cwIl+4GkPIN+pvlHhV6a5QjptwQB
GybQ+y4vwQYgOfokE3yVSmW7ohTJM/uvTrZAl2FqxZ6MIPZJ0wHdm7pda4ZGClV8gxdbLjPUPjYa
sKin9RZxQZYUnvfqxP2wrE10m1Dp0H1svTNn3J+68H029vl7rG5FcxfozGr4HPVxrg5aKczfTOpu
EvOW6bvL9DC431WlF1LxckwDZnX+rWy5mCa56iD6wTOO0rSSh9BuN/GPUB6YckFiSRxXniIlIPdK
t5UiHuJb18zOKR7srAn9s0o7pKyjnJGI4y7uFlFehHLBvEOjrQnSiFE8s3cN3IrliJyuCmhnKMj+
LAcp3AysVf0vLI0yMWOZI98e/8bpibclsOZSFV0gEoVrbEj4uzuQVm6zT4cAEe7RLEDyjQ2dEt9k
Ey/9dhwD+hnsOIx9tutuG16g49JxOq4287nqPibIb/TlL/ZjgF8P8d19ARexWtGIzk3SGaMDMALL
6gguJE0vXFCYqsLoypSiI2+T+PxwYN2bAIZfjN1kf/432RhTDcVIUZoNqVo3S5oNy3LfmmOQmIEm
t69R+L2ZgMXahWjAKckRUv07jBg=
X-Report-Abuse-To: spam@mxserver1.masterweb.com
Content-Length: 25370
Tiss the season for all of this stuff it seems, just got a very convincing text from "Manitoba Hydro" stating that my account is overdue and needs immediate attention.. even gave a somewhat realistic if not completely fictitious reference number.
Seems like this stuff just never ends, and gaurenteed that some poor folk will be taken as a result.
Nuvi 2595LMT, Nuvi 40, GPSMAP 62s, TomTom One XL -Change what you can, manage what you can't.
.
Tiss the season for all of this stuff it seems, just got a very convincing text from "Manitoba Hydro" stating that my account is overdue and needs immediate attention.. even gave a somewhat realistic if not completely fictitious reference number.
Seems like this stuff just never ends, and gaurenteed that some poor folk will be taken as a result.
What season? Scam season is any day/time between January 1 and Dec 31 every year.
Thank you for this. My
Thank you for this. My brother received a similar email. Saw the sender and immediately reacted as you did.
Got
Got an e-mail like this the other day that Outlook happily sent directly to my Junk folder.
Nuvi 350, 760, 1695LM, 3790LMT, 2460LMT, 3597LMTHD, DriveLuxe 50LMTHD, DriveSmart 61, Garmin Drive 52, Garmin Backup Camera 40 and TomTom XXL540s.
E-mail
J just got the same that looked like from apple but knew I hadn't bought anything from them.
johnm405 660 & MSS&T
If I'm not certain I usually hit "reply" to...
email and it will show the senders address. 99% of the time it's obvious it's not from who it's stated it is. I get emails from Apple, Paypal, Ebay and many banks all the time. They blindly send these out hoping someone will bite and provide the info they want such as login info or SS # and DOB.
I would strongly recommend NOT putting clickable malicious links or even hyperlinked email addresses connected to malicious actors on an internet forum.
?
??
Nuvi 2797LMT, DriveSmart 50 LMT-HD, Using Windows 10. DashCam A108C with GPS.
.
This is one of the reasons I send, and receive email in plain text.
HTML email tends to hide actual links, and spammers can add the pretty, and realistic-looking pictures to fool people.
nüvi 3790T | Those who make peaceful revolution impossible, will make violent revolution inevitable ~ JFK
Whay are you confused?
??
What the poster means is that you should not have posted the phony apple address as a LINK.
I never get lost, but I do explore new territory every now and then.
live link
for sure somebody will click on the live link that was posted !
You can hover your mouse over the link also.
Doing so will show the full text and link. Usually in the lower left of your screen.
Nuvi 2460LMT.
Thanks
for the info.
Garmin Nuvi 765T, Garmin Drive 60LM
MS account team
I occasionally get e-mail from fake Microsoft update my information via a link , never click
Rudy
I would also suggest you removing your personal email address from the message as melaqueb***d@yahoo.ca does appear.
I try to avoid spam as much as possible
Nüvi 255WT with nüMaps Lifetime North America born on 602117815 / Nüvi 3597LMTHD born on 805972514 / I love Friday’s except when I’m on holidays ~ canuk
Scam
Will keep my eyes open. Thanks
strange links in email
By now everybody should be familiar with this type of scams. Solution is simple: never click on link in email like this. Any serious company will not send this type of emails.
If you want check if email is real just log into your account directly. If there is real problem than you will have some sort of info after logging into your account.
But there is a lot of people who still get tricked by Nigerian scam, so you can always expect those emails.
These are sooo annoying.
I can't believe some of the stuff that's auto filtered to my junk folder!
Emails Sans Account
I get these emails all the time, and I don't even have an Apple account.
I will reply to them after I settle the >5 lawsuits the IRS has against me (per the voicemails Mr. Patel keeps leaving me).