Consider this my public service announcement (PSA) for the day.
A number of people at my school have been reporting that they are receiving bogus emails in the form of iTunes receipts that would seem to be phishing for information.
How do you know if you’ve received one of these messages?
1. Look at the amounts:
Not only do these amounts not add up, they are completely inconsistent.
2. Check the long header information. This will require that you click on the message in your email program (here I am using Apple’s Mail app) and from the View menu select message–> Long Headers.
What you are them presented with is the long header information which will include some of the telltale signs this is bogus.
- Bad return path – it’s not to iTunes. Should be do_not_reply@itunes.com
- Bad receive information – this one is coming from Russia
As always, with any type of email you receive that you aren’t sure of DON’T CLICK ANYTHING. People are getting very good at disguising emails to make them look legitimate and have you start clicking things and that is where you get yourself in trouble.
When you have a question ask a friend, a colleague or your IT staff for help… if you don’t have someone like that available to help DELETE!!!
[NOTE: Special thanks to Steve Clayton, my network manager for pointing out the header information.]
Apple has a special “reportphishing@apple.com” email address set up to report these types of incidents. For more info, please see:
http://www.apple.com/mobileme/news/2008/08/being-phishing-aware.html
(This article is fairly old and focused around MobileMe, but the email address is still active and can be used to report any phishing attempts.)
Good luck!