I just got the same thing. I checked my account. I wasnt charged $400. The email is well crafted though. It looked like this:
+Order Number: 2693448+
+Receipt Date: 01/10/10+
+Order Total: $066.99+
+Billed To: Store Credit+
+Item Number Description Unit Price+
+1 Whatever You Like [Digital 45]+
+Write a Review Report a Problem $402.99+
+Order Total: $099.99+
+Please retain for your records.+
+Please See Below For Terms And Conditions Pertaining To This Order.+
+You can find the iTunes Store Terms of Sale and Sales Policies by launching your iTunes application and clicking on Terms of Sale or Sales Policies+
+Answers to frequently asked questions regarding the iTunes Store can be found at http://www.apple.com/support/itunes/store/ +
+Account Information • Purchase History+
+Apple respects your privacy.+
+Information regarding your personal information can be viewed at http://www.apple.com/legal/privacy/+
+Copyright © 2008 Apple Inc. All rights reserved+
The email was very well crafted, it looked exactly like an iTunes email receipt, but every link went to a site:
I added the “.jerks” to invalidate the url so no one clicks on it. It redirected me to a site that started loading FLASH! A dead giveaway that you are NOT looking at an Apple Inc website is that it contains FLASH!!!
I double checked that I had not been charged $400 and I noticed that that email that is listed as “charged to” is not mine. Not even close. It did scare me for about 60 seconds though.
BE WARNED!! And be careful out there everyone!
They must be mass spamming these out.
I don’t know how to do it myself, but it is possible to fake a ”sent from” email address. It is probably hidden in the code of the email header itself.
I did foolishly click on a link before I just hovered over it to see the strange preview of the link pop up. I didn’t let the flash page load…
I also unplugged and rebooted my router so that I could get a new IP address by reconnecting to the servers (sometimes it pays NOT to have a static IP). That way if the email was able to report back to the makers, they won’t have access to my computer.
And what the heck was the point of that anyway? April Fools?
I am sure that if you go to that page that the email links to, and if that page loads, it would ask you sign in.
Then they have your password and Apple ID, then they have access to your credit card.
And then, they take a vacation with your money….
I don't know how the creator of the e-mail got the official firstname.lastname@example.org address either, but it's a virus or worm from some guy in Australia. If you clicked on any of the links you will infect your computer. I tried to find an e-mail address to contact Apple, but apparently Apple doesn't want general support e-mail. I hope they monitor these discussions and figure out how to stop the guy.
Users are receiving these at work, don't know how many yet, just starting to run intel on the domains: -- (DON'T CLICK ON THE LINK FOLKS) -
1. Listed more than once in the email
2. Listed in the detail email header - and likely forged...
Delete, don't click. Our particular system is flagging these as SPAM.
If you hover over the links in Microsoft Outlook, you will see where they really point. Mine all point to: http://fqkkoifa.info/
Any correspondence that claims to come from one domain, but directs you to another bogus-looking one is almost certainly a scam!
It's a phishing scam. I've received several of these today to one of my e-mail addresses that would never be used for any online purchases. Although it looks real, hold your cursor over any of the links and (in this one at least) they all go to http://iuhyoagt.info, which WHOIS reports is:
Cloud Nine Work Group - C9WG
305, Habitat Cedar Apt. Kodigehalli
Thindlu Main Road, Thindlu,
Bangalore, Karnataka 560097
Just a few weeks ago I went through a similar set of e-mails (almost 50), all to this same e-mail address) about bogus purchases from Amazon.com.