Showing posts with label phishing. Show all posts

2/11/09

Fake MobileMe email / phishing threat

Ars Technica recently posted an article about a new phishing scam that actually sounds like it has a chance of bamboozling many users: bogus emails, purporting to be from Apple, that prompt you to update your .Mac / MobileMe account information:

“As usual, the e-mail is disguised to look like a legit message coming from Apple, but clicking on the provided link (so that users can "update" their billing information with a working credit card, of course) forwards them to a site that is not at all affiliated with Apple.”

Phishing, if you didn’t know, is something you’re not generally protected against just because you use a Mac (unless the phish attempt has to do with installing malware or viruses which don’t run on Macs). These threats are platform-independent. In this particular case, there’s no virus or malware. Instead, it’s good old-fashioned trickery and forgery, using “social engineering” to get you to make a mistake and turn over information you shouldn’t to somebody you don’t want to know.

4/3/08

Phishing, Spam Increase. Sigh.

Holy cow, has spam been annoying lately. Don’t know about you, but mine’s up by at least 10%. I’m seeing a lot of phishing-based spam, too - the kind that tries to get you to “update your account info now.” Today I’ve seen three or four claiming to be from Wells Fargo.

Yes, Wells Fargo is ever-so-nice and helpful, giving me this chance to help them “ensure the integrity and security of our online banking system.” The email claims that they tried to contact me by phone, but were unable to - hence this convenient email with a link to my account information. You know, just so I can review it and make sure it is right.

I think I’ve touched on this before, but one can never be too careful. First, banks and doctors and insurance companies and so forth will almost never, ever communicate with you this way. If there is something to be updated, you’ll probably learn of it via your postal mail communications (a note on your bill or statement, for example) or AFTER logging into their online system. Also, typos and strange grammar are dead giveaways. Finally, check out the full message header and see where the email really comes from. In Apple Mail, select the message from your message list and then go to View / Message / Long Headers.

I didn’t even need to do that for this Wells Fargo spam/phish. The perp didn’t even bother changing the “Reply To,” which is arbitrary and can be set to anything you like. It’s “akstcabcaccountancymnsdgs@abcaccountancy.nl” - pretty far removed from WellsFargo.com, don’t you think?
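The header check described above can be automated. The following is an added example, not part of the original post: it compares the domains in From, Reply-To and Return-Path against the domain the message claims to come from. The sample message is constructed (only the Reply-To address comes from the post), and the function names and the two-label domain shortcut are assumptions.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample message; only the Reply-To address is taken from the post.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
From: "Wells Fargo Online" <security@wellsfargo.com>
Reply-To: akstcabcaccountancymnsdgs@abcaccountancy.nl
To: you@example.com
Subject: Please review your account information

Dear customer, we tried to contact you by phone...
"""

def org_domain(addr):
    """Crude organizational domain: the last two labels of the address's host.
    Assumption: adequate for .com/.nl; real code should use the Public Suffix List."""
    host = addr.rpartition("@")[2].lower().strip(".")
    return ".".join(host.split(".")[-2:]) if host else ""

def header_domains(msg, name):
    """Organizational domains found in every occurrence of one address header."""
    values = msg.get_all(name, [])
    return {org_domain(a) for _, a in getaddresses(values) if "@" in a}

def check_headers(raw, expected_domain):
    """Return a list of findings; an empty list means nothing stood out."""
    msg = message_from_string(raw)
    findings = []
    from_domains = header_domains(msg, "From")
    if not from_domains:
        findings.append("no parseable From address")
    elif from_domains != {expected_domain}:
        findings.append(f"From domain {sorted(from_domains)} is not {expected_domain}")
    # Replies and bounces going somewhere else is the giveaway the post describes.
    for name in ("Reply-To", "Return-Path"):
        for dom in sorted(header_domains(msg, name) - {expected_domain}):
            findings.append(f"{name} points to {dom}, not {expected_domain}")
    return findings

if __name__ == "__main__":
    for finding in check_headers(SAMPLE, "wellsfargo.com"):
        print("suspicious:", finding)
```

An empty result does not prove a message is genuine, since the From header can be forged just as easily as Reply-To.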

Finally, keep in mind that a lot of times phishers and spammers will use what's called "social engineering" to try to get you to do unsafe things online. This time of year, we're likely to see a lot of fake emails claiming to be from the IRS. Don't buy it.