Happy Phishing New Year

We here at Apple Tech Talk want to wish all of our readers a very happy New Year. We hope that 2025 brings everyone health and happiness. We also want to make sure that you stay as safe as you can online by avoiding scams and phishing attempts.

Like you, we are not immune from people trying to get our personal information.

On Christmas day, we received the below email. In fact, we received it five (5) times. And while it looked pretty official, we knew right away, that all of these emails were fact, fake. They did not come from Apple, and there wasn’t a problem with our Apple ID.

Phishing Email

So how did we know that, and what should you look for when you receive an email that says your account is going to be closed, you owe money for a purchase you didn’t make, or worse, someone wants to give you money?

Here are some tips that you should consider before believing that email.

Try Using You Apple ID

The easiest was to see if you Apple ID, or any other online account has been disabled is to try and use it. Can you still access your Apple account? Can you log into the Apple App Store, do all of your devices still work and have access to other devices on your account? Can you still log onto your other accounts using your current ID and password?

If any of these things are true and they work, your account probably isn’t disabled and you should just ignore the message.

Check the Sender’s Address

In almost all cases, the scammer hides their real email address with a fake name. In the case of our emails, they all showed that they were sent from iCloud. That was the first clue. Apple does not use iCloud as an email address. To our knowledge, an email from Apple will always show up as Apple or Apple.com in your mail app. If you want to verify the actual email address, and you use the Apple Mail app on your Mac or iPhone, just click the sender’s name at the top of the email. This will show the actual and/or complete address that email was send from.

In our case, iCloud emails actually came from these addresses:

  • customerservice@ohdanishbakery.com
  • donorsupport@careasy.org
  • noreply@easirent.com
  • admin@ebirthdayclubs.com
  • derek@derekdiener.com

While all of these domains are real entities, none of these have anything to do with Apple. At this point, there should not be any question these emails are an attempt to get your personal information.

However, if that didn’t convince you consider that the Apple ID that was listed in the email wasn’t even our current ID. In fact, we’re not sure it was ever one of our Apple IDs. It was clear that they were just using an old email address in the hope that it was an Apple ID we cared about.

If the Apple ID or any other identifying information looks wrong, it’s a pretty sure bet that the email is fake.

Don’t Boldly Go Where No One Should Have Gone Before

Next, we did something you should never do. We clicked on the provided link to show you what comes next. Doing that took us to the web page below.

Fake Apple Account Site
Fake Apple Account Site

If you didn’t know what to expect, this web page actually looks pretty convincing. However, with a little closer inspection, you could easily tell this wasn’t an actual Apple site.

First, check the address bat at the top of your browser page. If you use Safari, it will often only show the short address. In the case of this page, it showed the following address:

https://appxd.mdnxcl.com

That certainly doesn’t look like any Apple web page address we have ever seen. To get a better look, at any page, you can click on the short URL to see the complete address. Doing that revealed the following address:

https://appxd.mdnxcl.com/?r=&visitorId=6771b1a6f4a764f825dd34c0

Clearly, this web page does not belong to Apple.

While scammers do put a lot of effort to make a page look authentic, there is only so much they can do. Take a look at the top of the fake page. It has all of the headings you expect to see on an Apple site. Here’s the thing, place your mouse or point to any of those links on the page and you find that they are not really links. They are just plain text.

All of that together should be a big red flag that this site is not authentic and you should not go any further.

What if you do think the message is real?

Whether it’s Apple or any other company, we recommend you never rely on the message you receive. Instead go to the company’s web site or contact the company directly to ask that they check the status of your account and verify if it is disabled, or the transaction you are supposed to be charged for is legitamate.

In the case of our five emails, if you just went to apple.com and clicked on Support, you would see an option for Apple Account and Password. That would take you to this page.

Real Apple Account Site

As you can see, it looks similar to the fake site, although the logo is bigger on the page, and the page title is Apple Account Support, not Apple ID like on the fake page.

You would also find that all of the links at the top of the page were live links. Of course, you already knew that because you started at apple.com which you know is the official site. And just to be safe, if you checked the full-page URL, you would see this:

https://support.apple.com/apple-account

What To Do About These Emails?

Almost every company wants to help fight these scammers and wants their customers to report these emails.

Like other companies, Apple has an email address and asks you to send these phishing attempt emails to them at; reportphishing@apple.com. We sent all five of these emails to Apple so they can investigate them further. And that official Apple Account Support page has a lot of other information to help protect you.

The Bottom Line

Scammers will try anything to get your personal information. The more they collect from you, the easier it becomes to gain access to your online accounts, including bank accounts.

The news is filled with stories of people that have lost thousands of dollars, in some cases, their entire life savings, because they trusted the person on the other end of the phone, email or web site.

Don’t become a statistic. If something doesn’t look or sound right, don’t trust it. If you get a request for a payment in gift cards or to be paid by Western Union, don’t believe it.

If they try to scare you by saying you will be arrested or the policy are on their way, hang up the phone or close your computer.

If you get an email that says your account has been closed or that you are being charged for a purchase you didn’t make, contact the company directly to see if it is true.

Scammers may be smart, but you are smarter and with a little bit of checking, you can stay one step ahead of them.

How have you detected a potential scam or phishing attempt? Why not joint the conversation and leave a comment below? Your tip can save others from a similar problem.

If you liked this article, please consider sharing it with your friends and leaving a comment below. Also, don’t forget to “Like” us on Facebook, “Follow Us” on Twitter and add the Apple Tech Talk channel to your Apple News app.

And if you haven’t subscribed to Apple Tech Talk, now would be a great time to do it so. Just scroll down to the form below and enter your name and email address. Then you’ll receive a notification whenever we post new articles. Don’t worry, we never sell or share your information. While you’re at it, check out our YouTube channel (here) where you will find video on interesting products any Apple enthusiast would love.

Apple Tech Talker

JOIN OUR NEWSLETTER
I agree to have my personal information transfered to MailChimp ( more information )
Subscribe to Apple Tech Talk and received a free Mac Keyboard Shortcuts Guide by email.
We hate spam. Your email address will not be sold or shared with anyone else.
Share this post.Facebooktwittermail

Leave a Comment