You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
I am not even on LinkedIn, and yet I received two strange messages yesterday and today. One message says for me to stop sending spam messages for my business. As I said, I am not even a member of LinkedIn. Do you suppose someone I know, who has my email, has been affected by malware, and their contacts are being used fictiously? How do I make this stop?
iMac, Mac OS X (10.3)
Hi, Yes I've received a similar e-mail today and previously 2 others last week. These are spam e-mails designed to get you to follow a link to a fraudulent site that can load malware onto your machine in order to steal bank IDs and passwords. Don't click on any link in the e-mail just delete it straight away.
MarieJ1 wrote:
I've received three spam emails (two yesterday and one today) supposedly from LinkedIn. Thinking I could report the first one as spam to LinkedIn, I opened the email (can't believe now that that I was stupid enough to do that!) and was directed to a pharmacy site. I immediately bounced both. But when a third email arrived this morning I really became suspicious; I did a web search and discovered that these are scam emails known to instal ZeuS malware. Now I'm really worried. Could my banking details have been compromised? Could an anti-virus program such as ClamXav show whether this malware was installed? Any advice would be greatly appreciated.
Marie
It's unlikely you've picked up something malicious that will affect your Mac - like you I Googles and found out bout the ZeuS malware. This does not mean you might not have inadvertently downloaded something as often links can link to downloads - on its own that file will not do much. Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
If you get any unexpected popups asking to install things (even if they have legitimate sounding names) and for administrator passwords then stop, quit the installer and seek advice.
While these LinkedIn spoof e-mails look genuine they are unlikely to be from there at all and are forged/fraudulent according to a response I've had from LinkedIn (I asked if someone may have been using my e-mail credentials in a genuine LinkedIn account).
In general if you get odd/unexpected e-mails that look official then never click on the links - hovering over them may show odd addresses. Aleways be wary/cynical and if an e-mail looks official go instead to that company's website and seek advice rather than clicking any unsubscribe buttons or links in the e-mail that will simply serve to confirm your e-mail address is real to the spammers or send you to a spoofed/unsavoury link.
No harm using ClamXAV to look for any maliciouswindows files even though they won't affect OS X.
AC
Anic264b wrote:
Alley_Cat wrote:
I had security breaches flagged up to me from crucial.com and play.com (both UK) last year.
It wasn't play.com, could have been crucial.com or any other vendor I've used this rather generic e-mail address for I suppose...
You know what? I've bought RAM for my Mac Pro, twice, from crucial.com as well. What a coincidence!
I doubt all the affected e-mails have been obtained from the same place but you never know. I assume it's just a pool of 'harvested' emails from multiple sources that get spammed.
AC
clare171 wrote:
powerbook1701 wrote:
I wonder too, if it could be aol that got hacked. Many of us have ichat accounts that use our old mac.com email...
Maybe not. I've never had anything to do with aol, as far as I know anyway. Haven't ordered anything from crucial.com either, sorry Alley_Cat
Sorry, I was just talking about my case specificallt - - I suspect the e-mails are harvested from multiple sources to send spam so not necessarily one common denominator.
mobileme users will gravitate here as they're Apple forums.
MadMacs0 wrote:
There are no reported instances of ZeuS installation or operation on a Mac.
Agreed.
Trouble is the spammers are always trying to get one step ahead of the innocent user so you can never be sure you're not being targetted by a new threat - the social engineering aspects are the tricky ones, like the spoof e-mails asking you to stop spamming someone - you naturally want to reply to exhonerate yourself!
In an earlier post, I offered a suggestion as to how our email addresses are gathered:
I believe members can upload their address books in order to find connections and people to add to their network, so if you have friends who are members and they have uploaded their address book, this is one way linked in spammers have gathered your email address.
I believe spam messages to members and non-members have been an issue for linked in for a long time. It has certainly turned me off using this service.
I have received 5 more messages since my first post - and like another poster, I have received one of those 'stop spamming me' messages!
Alley_Cat wrote:
Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
Does Safari really considers an application a "safe file"? If yes, that's a mistake!
If no, then I really prefer these safe files to open automatically, as I dislike to go to the Finder to search the file in my "huge" download folder just to open it myself. Now, of course, if Safari considers an application a "safe file", it matters to think more…
Alley_Cat wrote:
In general if you get odd/unexpected e-mails that look official then never click on the links - hovering over them may show odd addresses. Aleways be wary/cynical and if an e-mail looks official go instead to that company's website and seek advice rather than clicking any unsubscribe buttons or links in the e-mail that will simply serve to confirm your e-mail address is real to the spammers or send you to a spoofed/unsavoury link.
Assuming you know the website from where the mail is "supposed" to come from, of course.
You gave me a good advice. I had often unsubscribed from advertising mails, because these were companies I really had visited before (I couldn't remember I had subscribed to anything, however). Thanks for your advice.
However, there are times where unsubscribing is really necessary. How else than clicking the link can one unsubscribe?
Anic264b wrote:
Alley_Cat wrote:
Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
Does Safari really considers an application a "safe file"? If yes, that's a mistake!
If no, then I really prefer these safe files to open automatically, as I dislike to go to the Finder to search the file in my "huge" download folder just to open it myself. Now, of course, if Safari considers an application a "safe file", it matters to think more…
Applications that are launched will always give you a warning that they are new and were downloaded from the internet, so you get a chance to cancel, but in the malware example that was mentioned it was an installer package (.pkg) that was being launched automatically. You still needed to approve the installation and in the first versions, enter your admin password, but the password requirement went away with later versions. Some people blindly do such things, which is why you should always ask yourself if this is something you expected to happen and feel confident in agreeing to. If you downloaded from a trusted source, you should be fine, but if you just stumbled across a site that offeres to "help", beware.
There are now JavaScripts that can be embedded in email, web pages, even PDF files that are considered "safe" by Safari but could contain code that would be harmful to your computer.
I have often unsubscribed from advertising mails as well. However, if it is from a company I know I haven't subscibed to personally I actually call them personally and have them take me off all mailing lists since one list is usually linked to several.
By the way, I still have these Linkedin e-mails unopened in my inbox in my .mac account. How do I get rid of them? I know I need to click on the e-mail to move it to junk but If I click on it is that sending a message to the spammer?
How else than clicking the link can one unsubscribe?
You can right click and select copy link location. You can enter the actual URL for the link in WOT and see what comes up for it. If you are satisfied it looks legitimate, then enter it in your browser. Never click on a link directly in an email unless you are 100% confident it's coming from where it says it is and you can trust it. Also, hover the mouse over the link. The actual URL should appear there in a yellow box (tool tip.) Shortened links, as in bit.ly, are much more difficult to research.
csfromma wrote:
By the way, I still have these Linkedin e-mails unopened in my inbox in my .mac account. How do I get rid of them? I know I need to click on the e-mail to move it to junk but If I click on it is that sending a message to the spammer?
Not at all. It's only possible to send a message to the spammer if you actually open the message for reading and have elected to Display remote images in HTML messages. Most spam doesn't even do that these days. I would not move it to junk, rather highlight it with a single click and hit the delete button, and if that moves it to Trash then select "Erase Deleted Messages->mac.com" from the Mailbox menu.
MadMacs0 wrote:
Applications that are launched will always give you a warning that they are new and were downloaded from the internet, so you get a chance to cancel, but in the malware example that was mentioned it was an installer package (.pkg) that was being launched automatically.
Yes, but my point also applies to pkg files: they should not be considered safe files.
MadMacs0 wrote:
There are now JavaScripts that can be embedded in email, web pages, even PDF files that are considered "safe" by Safari but could contain code that would be harmful to your computer.
If things were done right, JavaScript would be sandboxed (or similar) and not be allowed to touch filesystems or download things to the user without visual indication and way(s) to cancel. Of course, automatic execution of downloaded code is the worse thing, which the OS must prohibit (in an ideal world, that is).
Thanks for sharing the WOT link. What a useful site! I usually send phishing to US-CERT and sometimes check out their security updates. Once someone kept trying to steal my Wordpress password, I sent and email to them and I actually got a phone call! The agent didn't think much of the Wordpress service because of security and accountability issues. Pretty sites don't mean much to homeland security.
You know you can have WOT permanently either as a Safari or Firefox extension.
miloks wrote:
In an earlier post, I offered a suggestion as to how our email addresses are gathered:
I believe members can upload their address books in order to find connections and people to add to their network, so if you have friends who are members and they have uploaded their address book, this is one way linked in spammers have gathered your email address.
I believe spam messages to members and non-members have been an issue for linked in for a long time. It has certainly turned me off using this service.
I'm sure you're right - I don't know enough about this company - to be honest I steer clear of all kinds of social networking business related or not.
AC
Anic264b wrote:
Alley_Cat wrote:
Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
Does Safari really considers an application a "safe file"? If yes, that's a mistake!
If no, then I really prefer these safe files to open automatically, as I dislike to go to the Finder to search the file in my "huge" download folder just to open it myself. Now, of course, if Safari considers an application a "safe file", it matters to think more…
I can't remember the exact mechanism but going to some websites resulted in automatic downloading of a zipped application - the archive was regarded as safe and hence unzipped the 'legitimate sounding' application then ran automatically and bombarded the user with unsavoury sites/popups - the application would then 'detect' malware and direct the user to a scam site to pay to get rid of all this rubbish.
http://support.apple.com/kb/HT4650
(refresh page if it doesn't work first time).
AC
Is anyone else receiving LinkedIn spam messages?
