Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Rescue email phishing scam from id.apple.com

I think there's a new scam going around. This morning I recieved, completely out of the blue, an email supposedly from appleid@id.apple.com telling me to confirm my rescue email address. The email looked genuine and the links, when hovered over, seemed to go to the right place but id.apple.com isn't familiar to me, I've not made any account changes recently, and Apple don't use rescue emails do they?

Also - I don't think Apple just email people out of the blue with requests for personal information like this.

So this would appear to be a new phishing attempt. Looks like a scam, smells like a scam and tastes like a scam.

If anyone knows any different it would be interesting to hear their opinions. For the time being I forwarded the email to Apple's phishing dept and trashed it.


Email :

User uploaded file


Message was edited by: chrisell - added pic of email

iPhone 4S, Windows 7

Posted on Apr 20, 2012 8:54 AM

Reply
Question marked as Best reply

Posted on Apr 20, 2012 9:41 AM

Ok so I know what happened now. Someone else in my family was presented with the new security questions this morning on their phone but couldn't go any further without supplying a "rescue" email address. Like most people, they only have one email address and Apple won't let you use the same email for the primary and "rescue" address (obviously). So they used my email address instead, hence the verification email for their account coming to me.


This would appear to be genuine then.

61 replies
Question marked as Best reply

Apr 20, 2012 9:41 AM in response to chrisell

Ok so I know what happened now. Someone else in my family was presented with the new security questions this morning on their phone but couldn't go any further without supplying a "rescue" email address. Like most people, they only have one email address and Apple won't let you use the same email for the primary and "rescue" address (obviously). So they used my email address instead, hence the verification email for their account coming to me.


This would appear to be genuine then.

Apr 21, 2012 9:37 AM in response to chrisell

I got a similar e-mail and agree it looks deeply suspicious.


The normal apple ID domain is appleid.apple.com. I checked my account separately and there is nothing that needs verifying. Apple do seem to be updating security details - but then scammers know that too and may be jumping on the bandwaggon.


An e-mail linking to a web page that then asks for your account details - if it is real then Apple are being a bit dumb because this is exactly the sort of thing we have come to expect from phishing. I will not be responding to it.


Ali

Apr 21, 2012 3:52 PM in response to chrisell

It's not a phishing scam. iTunes has recently implemented a new security system with 3 security questions and a rescue email. If you haven't been yet, you will be asked to enter some information the next time you try to buy something from iTunes. One of these fields is the rescue email which is optional, but will let you recover your account if you need to.

Apr 22, 2012 2:28 AM in response to Babaganoosh

"If you log directly into your Apple ID support page, it mentions the rescue email in it. So that proves that the rescue thing is not a phishing scam."


Actually it doesn't for me. I have not yet been asked for the security questions nor a rescue e-mail by my iPad and no one I know has used my e-mail address for their rescue set-up (or at least none are owning up to it) so I am still uncertain about whether this is the real thing.


I accept that Apple are sending out similar e-mails and perhaps this is a genuine example. But if so I still think Apple are being dumb - normally up such an e-mail link takes you to a page that immediately says "thanks for confirming..." but this one asks you to enter both your ID and password. That is just asking for cynics like me to refuse or for scammers to start sending out copycat e-mails.


Ali

Apr 22, 2012 7:09 AM in response to Babaganoosh

I don't see it. Maybe it's because I'm not a US based user. Only one security question and no email option... If moving to three questions and a security email is something coming, why have they sent it to me when I can't implement it. I'm filing the original mail and not actioning. It's too weird. Request to Apple: Make it clear what needs to be done, with instructions on how to access the right places direct from the apple site, not from an email, and who it applies to, who not...

Apr 22, 2012 8:06 AM in response to Babaganoosh

"See for yourself:

https://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/

Once you sign in, the rescue option is right there."


Yup, that is exactly what I did but there is no mention of a rescue option nor rescue e-mails for me. Just normal settings and "normal" e-mail addresses. Like francksn I am not US based and agree with the "Request to Apple..."


Ali

Rescue email phishing scam from id.apple.com

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.