Email scam targets MobileMe users with iCloud upgrade bait
Scammers are trying to trick Apple's existing MobileMe subscribers into providing credit card information, purportedly to migrate to the new iCloud service, in a new spam campaign that echoes previous attempts.
The email asks MobileMe members to "Please sign up for iCloud and click the submit botton [sic], you'll be able to keep your old email address and move your mail, contacts, calendars, and bookmarks to the new service.
"Your subscription will be automatically extended through July 31, 2012, at no additional charge.
After that date, MobileMe will no longer be available."
The email provides a link inviting users to "click here to update iCLOUD," but the link actually directs to "flowerpotss.biz," where a phony page asks users to supply their credit card information rather than perform a "no charge" sign up.
Apple has indicated that existing MobileMe users will be able to upgrade, once the service becomes publicly available, after simply logging into their existing account. Users should never supply their account information or credit card details in response to an email.
It's always safer to navigate to online services directly or using a bookmark. Apple never requests users to click a link to enter or "verify" their credit card information.
The email asks MobileMe members to "Please sign up for iCloud and click the submit botton [sic], you'll be able to keep your old email address and move your mail, contacts, calendars, and bookmarks to the new service.
"Your subscription will be automatically extended through July 31, 2012, at no additional charge.
After that date, MobileMe will no longer be available."
The email provides a link inviting users to "click here to update iCLOUD," but the link actually directs to "flowerpotss.biz," where a phony page asks users to supply their credit card information rather than perform a "no charge" sign up.
Apple has indicated that existing MobileMe users will be able to upgrade, once the service becomes publicly available, after simply logging into their existing account. Users should never supply their account information or credit card details in response to an email.
It's always safer to navigate to online services directly or using a bookmark. Apple never requests users to click a link to enter or "verify" their credit card information.
Comments
It has a legitimate look to it... But of course wants credit card info to convert to iCloud... yeah right...
ken
I got this one and made and e-mailed an immediate warning to family-friends about it
It has a legitimate look to it... But of course wants credit card info to convert to iCloud... yeah right...
ken
I don't think some Apple users will find the need to supply credit card info at all suspicious since one is requested when you first activate your account. It's such a simple scam, but it's probably going to make a lot of money in a very short time.
Did they really think they would fool people with the "Apple store" thing? They could have at least capitalized the word "store." Or spelled "button" correctly.
Apple now is targeting very unsophisticated users. My guess is that lots of Apple customers will fall for it. Mom and pop are not tech savvy, but they have credit cards with large limits.
Did they really think they would fool people with the "Apple store" thing? They could have at least capitalized the word "store." Or spelled "button" correctly.
You do read posts here, correct? You really think spelling is a strong point for some
users? A good percentage may not notice the errors so apparent to some others.
Cant even spell Nane right!... Has Scam written al over it but still will fool A LOT of people
That was on purpose, right?
Cant even spell Nane right!... Has Scam written al over it but still will fool A LOT of people
That was on purpose, right?
Right.
Scammers are trying to trick Apple's existing MobileMe subscribers into providing credit card information, purportedly to migrate to the new iCloud service, in a new spam campaign that echoes previous attempts....
The easiest way to tell it's a scam is to hover over the link, but then iOS doesn't let one hover.
Could be a problem.
The easiest way to tell it's a scam is to hover over the link, but then iOS doesn't let one hover.
Could be a problem.
You have to be pretty naive to not know to look for the secure icon or the https:// before giving up your credit card. Don't kids teach their parents that still?
Domain Name: FLOWERPOTSS.BIZ
Domain ID: D46230628-BIZ
Sponsoring Registrar: CSL COMPUTER SERVICE (D.B.A. JOKER.COM)
Sponsoring Registrar IANA ID: 113
Registrar URL (registration services): whois.joker.com
Domain Status: clientTransferProhibited
Registrant ID: CNEU-210417
Registrant Name: Stephanie
Registrant Address1: 5158 Dry Creek Drive
Registrant City: Dublin
Registrant State/Province: Ohio
Registrant Postal Code: 43016
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +44.6143145107
Registrant Email: [email protected]
Administrative Contact ID: CNEU-9305
Administrative Contact Name: GET FREE DOMAINS www.uk2.net
Administrative Contact Organization: UK-2 Ltd
Administrative Contact Address1: One Canada Square
Administrative Contact Address2: Canary Wharf
Administrative Contact City: London
Administrative Contact State/Province: --
Administrative Contact Postal Code: E14 5DY
Administrative Contact Country: UNITED KINGDOM
Administrative Contact Country Code: GB
Administrative Contact Phone Number: +20.79871200
Administrative Contact Email: [email protected]
Name Server: ULTRA103.UK2.NET
Domain Registration Date: Tue Aug 02 08:09:38 GMT 2011
Registrant City: Dublin
Registrant State/Province: Ohio
Registrant Phone Number: +44.6143145107
Not even a legit US phone number. (If, somehow, area code was 446, it's Colorado, plus the first digit won't be 1 assuming 07 is an extension)
Why the F are domain registrars allowed to accept this blatantly dishonest crap?
I'm not saying that the number itself is valid, but that *is* the standard way to represent a U.K. phone number in settings such as this. Just so you know.
The "+20" later on is bogus, to be sure. It also should have the "44" to be valid.
Well, it's is a cell phone in Columbus OH at least. But someone should have had to confirm a real "Stephanie".
Frankly, if domain registrars were held legally responsible for doing due diligence in preventing phony personas, scams would get a bit harder.
Frankly, anyone stupid enough to fall for this deserves what they get.
Dickhead.
Last post.
Honestly, what? What in the world makes you think that kind of response is an acceptable reply to what he said?
Or maybe you fell for it and are lashing out.
It's like an email from a bank asking for a password, they already have it why would they need it again.
Sometimes all it needs is a little common sense.
Domain Name: FLOWERPOTSS.BIZ
Domain ID: D46230628-BIZ
Sponsoring Registrar: CSL COMPUTER SERVICE (D.B.A. JOKER.COM)
Sponsoring Registrar IANA ID: 113
Registrar URL (registration services): whois.joker.com
Domain Status: clientTransferProhibited
Registrant ID: CNEU-210417
Registrant Name: Stephanie
Registrant Address1: 5158 Dry Creek Drive
Registrant City: Dublin
Registrant State/Province: Ohio
Registrant Postal Code: 43016
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +44.6143145107
Registrant Email: [email protected]
Administrative Contact ID: CNEU-9305
Administrative Contact Name: GET FREE DOMAINS www.uk2.net
Administrative Contact Organization: UK-2 Ltd
Administrative Contact Address1: One Canada Square
Administrative Contact Address2: Canary Wharf
Administrative Contact City: London
Administrative Contact State/Province: --
Administrative Contact Postal Code: E14 5DY
Administrative Contact Country: UNITED KINGDOM
Administrative Contact Country Code: GB
Administrative Contact Phone Number: +20.79871200
Administrative Contact Email: [email protected]
Name Server: ULTRA103.UK2.NET
Domain Registration Date: Tue Aug 02 08:09:38 GMT 2011
Nice little house you have there, "Stephanie". Could that knock at your front door be the FBI?
Honestly, what? What in the world makes you think that kind of response is an acceptable reply to what he said?
Or maybe you fell for it and are lashing out.
Stourque is right. What the previous poster Slang4Art said is akin to "if she got raped it's her problem she was too skimpily dressed". So I second his harsh words.
Naivity should not be responded to with "too bad her problem" but education and security features. If I did not know you for your usual intelligent posts, I'd think you scam for a living