Very well informed spammers..

Hi all,
my kids are over in Europe and with them their iPads.
Both have an iTunes account connected with an e-mail address only used for this.
Short time afterwards I start to get some phishing spam claiming my iTunes account is suspended with lines as:
"During a recent review of your account we found that you are currently logging in from different cities in a suspicious manner that is not compliant with our account policies."
I find it quite scary how well-informed spammers seem to be about my (devices) location, combined with the link to the right e-mail address (iTunes account) used by this device.
My first guess an app (a game or so) collecting location and iTunes account from the device.
I find this very insufficient protection, behind the iTunes account are credit card details etc..
Regards Peter

On Fri, 4 Jul 2014 11:36:58 Peter Ross wrote:
> Short time afterwards I start to get some phishing spam claiming my iTunes account is suspended with lines as:
> "During a recent review of your account we found that you are currently logging in from different cities in a suspicious manner that is not compliant with our account policies."
Are you sure it knew the accounts were used in different cities? Could they be just sending that mail out to everyone.
If you hadn't been traveling and Apple sent you email about your account being used from different cities then you would surely want to login and find out what's happening...
-- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/

On Fri, 04 Jul 2014 13:34:50 +1000 Russell Coker <russell@coker.com.au> wrote:
> On Fri, 4 Jul 2014 11:36:58 Peter Ross wrote:
>> Short time afterwards I start to get some phishing spam claiming my iTunes account is suspended with lines as:
>> "During a recent review of your account we found that you are currently logging in from different cities in a suspicious manner that is not compliant with our account policies."
> Are you sure it knew the accounts were used in different cities? Could they be just sending that mail out to everyone.
> If you hadn't been traveling and Apple sent you email about your account being used from different cities then you would surely want to login and find out what's happening...
Even if you did have the smallest suspicion it was genuine, you would do this by going to the proper login page in your browser and not use any link in the email hopefully.
Chances are it is just coincidence. I am pretty sure I have received similar before, and I don't own any Apple products that don't grow on trees! But those coincidences can be scary!!!
A few years ago my Dad was expecting a parcel which was late arriving, and he got one of those faked "failed delivery" emails at that time and he was so convinced it was a genuine one.
> -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
> _______________________________________________ luv-talk mailing list luv-talk@luv.asn.au http://lists.luv.asn.au/listinfo/luv-talk
-- dan062 <dan062@yahoo.com.au>

On Fri, Jul 04, 2014 at 02:24:09PM +1000, Dan062 wrote:
> Even if you did have the smallest suspicion it was genuine, you would do this by going to the proper login page in your browser and not use any link in the email hopefully.
well-informed, properly-suspicious individuals would do this. this description, unfortunately, does not apply to the bulk of the population.
many or most people would just click on the convenient link in the email.
which is why phishers send bogus emails like this trying to trick people into clicking on their link and giving them their login details.
> Chances are it is just coincidence. I am pretty sure I have received similar before, and I don't own any Apple [...]
me too. and i get spams telling me my *non-existent* westpac or NAB or ANZ (or one of dozens of other banks around the world) account has been compromised and i need to login immediately using the convenient link in the email. ditto for paypal and ebay accounts.
the goal of the spammer is to get the recipient to panic and click on the link and try to login.
craig
-- craig sanders <cas@taz.net.au>

On 05/07/14 13:45, Craig Sanders wrote:
> On Fri, Jul 04, 2014 at 02:24:09PM +1000, Dan062 wrote:
>> Even if you did have the smallest suspicion it was genuine, you would do this by going to the proper login page in your browser and not use any link in the email hopefully.
> well-informed, properly-suspicious individuals would do this. this description, unfortunately, does not apply to the bulk of the population.
> many or most people would just click on the convenient link in the email.
Chrome and Firefox phishing protection offers some protection, although it is not foolproof.
Daniel
> which is why phishers send bogus emails like this trying to trick people into clicking on their link and giving them their login details.
>> Chances are it is just coincidence. I am pretty sure I have received similar before, and I don't own any Apple [...]
> me too. and i get spams telling me my *non-existent* westpac or NAB or ANZ (or one of dozens of other banks around the world) account has been compromised and i need to login immediately using the convenient link in the email. ditto for paypal and ebay accounts.
> the goal of the spammer is to get the recipient to panic and click on the link and try to login.
> craig

But we eventually also learnt that, despite what good-spirited researchers might think and despite what people might say in your face if you ask them, the general public doesn’t actually put a very high value on privacy in general [1] and on location privacy in particular [6], at least until something really bad happens to them personally.
http://www.cl.cam.ac.uk/~fms27/papers/2009-Stajano-location.pdf
[...] Medians of bids are £20 [previous study] and €43 [this study] for non-commercial use of [location] data, respectively.
https://www.lightbluetouchpaper.org/2006/09/08/a-study-on-the-value-of-locat...
There was a more recent study where students bought CDs online and could exchange personal information for a discount (to measure how they valued privacy) but I can't find it again.

Had it been an Android device ....
http://www.itnews.com.au/News/389126,android-devices-leak-location-data.aspx
Daniel.
On Fri, 4 Jul 2014 11:36:58 +1000 "Peter Ross" <Petros.Listig@fdrive.com.au> wrote:
> Hi all,
> my kids are over in Europe and with them their iPads.
> Both have an iTunes account connected with an e-mail address only used for this.
> Short time afterwards I start to get some phishing spam claiming my iTunes account is suspended with lines as:
> "During a recent review of your account we found that you are currently logging in from different cities in a suspicious manner that is not compliant with our account policies."
> I find it quite scary how well-informed spammers seem to be about my (devices) location, combined with the link to the right e-mail address (iTunes account) used by this device.
> My first guess an app (a game or so) collecting location and iTunes account from the device.
> I find this very insufficient protection, behind the iTunes account are credit card details etc..
> Regards Peter
-- dan062 <dan062@yahoo.com.au>

On 4/07/2014 11:36 AM, Peter Ross wrote:
> "During a recent review of your account we found that you are currently logging in from different cities in a suspicious manner that is not compliant with our account policies."
What makes you so sure it actually was phishing? It just might be Apple being cautious for travelers.... ???
A.
participants (7): Andrew McGlashan, Craig Sanders, Dan062, Daniel Jitnah, Peter Ross, Russell Coker, Trent W. Buck