Q: Rescue email phishing scam from id.apple.com

I got one of these emails this morning and was suspicious because I have already provideded a rescue email address that is not my normal mac.com. This new one is saying that my me.com is my rescue email, but I had never entered this into the process. I will not be entering my password into that webpage!

I had the same thing happen.  If it is a scam its an amazingly good one. I filled it out after contemplating, then googled it and got here.  Just to make sure, I signed onto my accound throught iTunes on my computer.  The rescue email I entered was there in iTunes so that means 1 of two things

1. Its legit

2. the scam has a way to take your info and still update what you entered through iTunes.

So just to be sure while still signed in through iTunes I just went ahead and changed my password.  Since I was signed in directly through iTunes, I wasn't worried.

I dont get why apple would make the address    id.apple.com when their typical one is appleid.apple.com

I'm not convinced that this isn't a phishing scam because the email I received was incorrect.  I find it hard to believe that Apple would make a mistake and get the email addresses mixed up the email I got stated:

"You’ve taken the added security step and provided a rescue email address. Now all you need to do is verify that it belongs to you.

The rescue email address that you gave us is iXXXXXXXXXXXXXXXXXXX. Just click the link below to verify, sign in using your Apple ID and password, "

Unfortunately the email they stated was my primary email address and not the rescue email I added recently.

I won't be responding to the email - because the one I received didn't resonate with Apple efficiency: a good attempt but just not good enough to convince me

I think it's a fake. The Verify e-mail came to me from AppleID@ID.appleid.com.akadns.net so doesn't look like a genuine apple address. You also get to a site where it asks for a password, not usually what genuine Verify e-mails do.

We need an official Apple person to jump in and verify. Any Apple folks out there?

I am not convinced that this email is real.  I have made no changes to my iTunes Account.  I have never entered an alternate email address, nor have I EVER seen the term "rescue email" used in conjunction with Apple.  To be suddenly prompted to enter my account info via unsolicited email is the hallmark of a phishing scam.

Why was it that I signed into my apple account from a completely different computer directly from iTunes and saw the exact same "rescue email" I entered? This whole thing just seems all to odd.

I also received this email, and agree it looks phishy.  I did add a rescue email, so the timing is right, but the id.apple.com seemed odd. So what I did is I logged into my apple id the normal way, and added an "additional email" to see it what it would do. It generated another verification email which looks about the same and points to the same site (id.apple.com).  I verified using the first email, and the additional email also showed as verified after I did it.  So it seems that the email is legit, but carefully inspect the link as this is an obvious gateway for phishing.   Apple should know better and provide a way to do this without clicking a link in an email. For example, they can send a code to the email to be verified, then you log in (normally) and paste in the code. A lot of other websites do this.

TL;DR

Very badly done, Apple.

TMG007 wrote:

 

I think it's a fake. The Verify e-mail came to me from AppleID@ID.appleid.com.akadns.net so doesn't look like a genuine apple address. You also get to a site where it asks for a password, not usually what genuine Verify e-mails do.

It may be related to akamai which I believe Apple use for some things.

I got the same thing and I think it is relatd to a new app I bought on my iPhone. The app was SocialCam. During signup I was asked to set a confidential question and alternate email. Lo and behold those two things are what I'm now getting confirmation emails about from Apple. Sooo...I'm wondering if there is a legit connection between getting this new app (Social Cam) or if it is a vehicle for a phishing scam (or worse - did it already breach my account). Anybody else experience any issues relating to SocialCam purchase?

Apple are implementing new security with some rather inane juvenile question/answer pairs.

..for example and other similar themes..

It seems a 'rescue email' address can be provided to retrieve your additional security answers.

Did you have to enter things in order to 'purchase' the app (free or not) or when using the app - if the latter it's odd, if just to purchase it it's probably par for the course.

AC

I think it was when I tried to set up the app to use it - however, I was a bit distracted while I was getting/setting it up. I think I finally resolved it though - I went to the AppleID page and told it to resend me the verification email. That confirmed that it really was an email from Apply. Once I confirmed the rescue address via email, it showed up as such on the AppleID website os I think it is legit. Interesting, it has been harder than I thought it would be to determine that this was no phishing. Thanks for the input.

It's legit but very, very poor form by Apple. The wording of the e-mail is poor, the id of the link is sus and the requirement to re-enter AppleId and Password etc just smacks of a phishing scam. I even logged on directly to my Account and there is no mention of a rescue email address.

After hours of trying to determine if the e-mail I received was legitimate or not my wife comes home and tells me she tried to use the AppStore and was asked to provide an alternate e-mail address and she gave it mine! So it is legitimate.

She was also extremely unimpressed by the puerile question/answer options being offered. I guess I'll now go and click on the e-mail link to confirm but BIG THUMBS DOWN to Apple.

I saw the domain akadns.net and feared the worst (aka meaning 'also known  as', dns meaning dns) so asked Apple how I should report the scam.  The response was that they use some outfit called Akamai to distribute content (whatever that means) and the domain is legitimate.  With that reassurance I opened the e-mail (I'd only viewed the headers up to that point)

‘Rescue e-mail address’ is something I’d never heard of before being intercepted into signing up for it by the iOS App Store last night.  I nearly used the word ‘mugged’ instead of ‘intercepted’ as it was unasked-for, interrupted the process that I had started, and was badly explained. The questions were pretty infantile too.

I try very hard never to confirm personal details in response to an unsolicited e-mail from a domain I don’t recognise, and in fact, keep the MS Outlook preview pane closed so that I don’t accidentally open e-mails of this sort - in case they carry an unwanted payload.

I still don’t get the concept and think that it probably reduces my security rather than increasing it, by giving two routes for someone to get hold of my Apple ID rather than one. Has this been thought through properly by people that understand security or is it just a marketing wheeze?

Why does apple need to confirm my iTunes login info when what they need to do is confirm the alternate rescue email ?

To paraphrase in Geek  -   "What does GOD need with a Starship ?"