Skip navigation

Rescue email phishing scam from id.apple.com

58129 Views 57 Replies Latest reply: Nov 19, 2013 4:21 PM by mhjohn83 RSS
  • jovike Calculating status...
    Currently Being Moderated
    Apr 24, 2012 12:24 AM (in response to skewstudio)

    I got one of these emails this morning and was suspicious because I have already provideded a rescue email address that is not my normal mac.com. This new one is saying that my me.com is my rescue email, but I had never entered this into the process. I will not be entering my password into that webpage!

  • mortalghost Calculating status...
    Currently Being Moderated
    Apr 24, 2012 2:09 PM (in response to chrisell)

    I had the same thing happen.  If it is a scam its an amazingly good one. I filled it out after contemplating, then googled it and got here.  Just to make sure, I signed onto my accound throught iTunes on my computer.  The rescue email I entered was there in iTunes so that means 1 of two things

     

    1. Its legit

    2. the scam has a way to take your info and still update what you entered through iTunes.

     

    So just to be sure while still signed in through iTunes I just went ahead and changed my password.  Since I was signed in directly through iTunes, I wasn't worried.

     

    I dont get why apple would make the address    id.apple.com when their typical one is appleid.apple.com

  • Tamar Tiger Calculating status...
    Currently Being Moderated
    Apr 27, 2012 10:53 AM (in response to skewstudio)

    I'm not convinced that this isn't a phishing scam because the email I received was incorrect.  I find it hard to believe that Apple would make a mistake and get the email addresses mixed up the email I got stated:

     

    "You’ve taken the added security step and provided a rescue email address. Now all you need to do is verify that it belongs to you.

    The rescue email address that you gave us is iXXXXXXXXXXXXXXXXXXX. Just click the link below to verify, sign in using your Apple ID and password, "

     

    Unfortunately the email they stated was my primary email address and not the rescue email I added recently.

     

    I won't be responding to the email - because the one I received didn't resonate with Apple efficiency: a good attempt but just not good enough to convince me

  • TMG007 Calculating status...
    Currently Being Moderated
    Apr 27, 2012 3:42 PM (in response to chrisell)

    I think it's a fake. The Verify e-mail came to me from AppleID@ID.appleid.com.akadns.net so doesn't look like a genuine apple address. You also get to a site where it asks for a password, not usually what genuine Verify e-mails do.

  • bstone81 Calculating status...
    Currently Being Moderated
    Apr 29, 2012 8:46 AM (in response to TMG007)

    We need an official Apple person to jump in and verify. Any Apple folks out there?

  • Paul Beck2 Calculating status...
    Currently Being Moderated
    Apr 29, 2012 10:17 AM (in response to chrisell)

    I am not convinced that this email is real.  I have made no changes to my iTunes Account.  I have never entered an alternate email address, nor have I EVER seen the term "rescue email" used in conjunction with Apple.  To be suddenly prompted to enter my account info via unsolicited email is the hallmark of a phishing scam.

  • mortalghost Level 1 Level 1 (0 points)
    Currently Being Moderated
    Apr 29, 2012 10:31 AM (in response to Paul Beck2)

    Why was it that I signed into my apple account from a completely different computer directly from iTunes and saw the exact same "rescue email" I entered? This whole thing just seems all to odd.

  • DrEntropy Calculating status...
    Currently Being Moderated
    Apr 30, 2012 1:06 PM (in response to chrisell)

    I also received this email, and agree it looks phishy.  I did add a rescue email, so the timing is right, but the id.apple.com seemed odd. So what I did is I logged into my apple id the normal way, and added an "additional email" to see it what it would do. It generated another verification email which looks about the same and points to the same site (id.apple.com).  I verified using the first email, and the additional email also showed as verified after I did it.  So it seems that the email is legit, but carefully inspect the link as this is an obvious gateway for phishing.   Apple should know better and provide a way to do this without clicking a link in an email. For example, they can send a code to the email to be verified, then you log in (normally) and paste in the code. A lot of other websites do this.

     

    TL;DR

    Very badly done, Apple.

  • Alley_Cat Level 6 Level 6 (16,620 points)
    Currently Being Moderated
    Apr 30, 2012 1:18 PM (in response to TMG007)

    TMG007 wrote:

     

    I think it's a fake. The Verify e-mail came to me from AppleID@ID.appleid.com.akadns.net so doesn't look like a genuine apple address. You also get to a site where it asks for a password, not usually what genuine Verify e-mails do.

    It may be related to akamai which I believe Apple use for some things.

  • Tim Richards Level 1 Level 1 (25 points)
    Currently Being Moderated
    Apr 30, 2012 1:47 PM (in response to chrisell)

    I got the same thing and I think it is relatd to a new app I bought on my iPhone. The app was SocialCam. During signup I was asked to set a confidential question and alternate email. Lo and behold those two things are what I'm now getting confirmation emails about from Apple. Sooo...I'm wondering if there is a legit connection between getting this new app (Social Cam) or if it is a vehicle for a phishing scam (or worse - did it already breach my account). Anybody else experience any issues relating to SocialCam purchase?

  • Alley_Cat Level 6 Level 6 (16,620 points)
    Currently Being Moderated
    Apr 30, 2012 2:12 PM (in response to Tim Richards)

    Apple are implementing new security with some rather inane juvenile question/answer pairs.

     

    q1s.png

     

    ..for example and other similar themes..

     

    It seems a 'rescue email' address can be provided to retrieve your additional security answers.

     

    Did you have to enter things in order to 'purchase' the app (free or not) or when using the app - if the latter it's odd, if just to purchase it it's probably par for the course.

     

    AC

  • Tim Richards Level 1 Level 1 (25 points)
    Currently Being Moderated
    Apr 30, 2012 2:25 PM (in response to Alley_Cat)

    I think it was when I tried to set up the app to use it - however, I was a bit distracted while I was getting/setting it up. I think I finally resolved it though - I went to the AppleID page and told it to resend me the verification email. That confirmed that it really was an email from Apply. Once I confirmed the rescue address via email, it showed up as such on the AppleID website os I think it is legit. Interesting, it has been harder than I thought it would be to determine that this was no phishing. Thanks for the input.

  • JabLab Calculating status...
    Currently Being Moderated
    May 1, 2012 5:50 AM (in response to chrisell)

    It's legit but very, very poor form by Apple. The wording of the e-mail is poor, the id of the link is sus and the requirement to re-enter AppleId and Password etc just smacks of a phishing scam. I even logged on directly to my Account and there is no mention of a rescue email address.

     

    After hours of trying to determine if the e-mail I received was legitimate or not my wife comes home and tells me she tried to use the AppStore and was asked to provide an alternate e-mail address and she gave it mine! So it is legitimate.

     

    She was also extremely unimpressed by the puerile question/answer options being offered. I guess I'll now go and click on the e-mail link to confirm but BIG THUMBS DOWN to Apple.

  • johnfromhindhead Calculating status...
    Currently Being Moderated
    May 2, 2012 8:37 AM (in response to chrisell)

    I saw the domain akadns.net and feared the worst (aka meaning 'also known  as', dns meaning dns) so asked Apple how I should report the scam.  The response was that they use some outfit called Akamai to distribute content (whatever that means) and the domain is legitimate.  With that reassurance I opened the e-mail (I'd only viewed the headers up to that point)

     

    ‘Rescue e-mail address’ is something I’d never heard of before being intercepted into signing up for it by the iOS App Store last night.  I nearly used the word ‘mugged’ instead of ‘intercepted’ as it was unasked-for, interrupted the process that I had started, and was badly explained. The questions were pretty infantile too.

     

    I try very hard never to confirm personal details in response to an unsolicited e-mail from a domain I don’t recognise, and in fact, keep the MS Outlook preview pane closed so that I don’t accidentally open e-mails of this sort - in case they carry an unwanted payload.

     

    I still don’t get the concept and think that it probably reduces my security rather than increasing it, by giving two routes for someone to get hold of my Apple ID rather than one. Has this been thought through properly by people that understand security or is it just a marketing wheeze?

  • RacesDad Calculating status...
    Currently Being Moderated
    May 2, 2012 7:33 PM (in response to chrisell)

    Why does apple need to confirm my iTunes login info when what they need to do is confirm the alternate rescue email ?

     

    To paraphrase in Geek  -   "What does GOD need with a Starship ?"

Actions

More Like This

  • Retrieving data ...

Bookmarked By (2)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.