I received this suspicious email today, “Dear Costumer”. At first glance it looks like a legit email, especially when you view it from your phone where the full email address it’s from is cropped.
The email shows it links to “http://appleid.apple.com” but it actually links to x.co… which redirects to “http://appleid.apple.com.support.managed-account.com.2b68c6c9n1a5df2a3e.co.vu/Login.php?sslchannel=true&sessionid=Cnf6UHjnR5Om2LiozvNq7R2nqIIjzuvbSKhMsBajGYGIKY6jtTKBLMZcuHw3b1f3MwQf70yNZewJdC3H” the site looks legit but note the full domain.
Full text of the email reads is below. “Costumer” is already a red flag. I was almost resetting my password through the link but the costumer spelling error stopped me because i was going to tweet about it. This is also another reason why I am peeved whenever brands are careless with their spelling. The day phishers learn to spell will be the day we are all Phucked.
Your Apple ID was used to sign in to iCloud via a web browser.
Date and Time: 26 April 2017, 4:08 AM PDT
Operating System: Windows
If the information above looks familiar, you can disregard this email.
If you have not signed in to iCloud recently and believe someone may have accessed your account, go to Apple ID (https://appleid.apple.com) and change your password as soon as possible.