Doctah

Q: report phishing attacks on iCloud

Just received an email addressed to "recipients@mac.com" which was supposed to look like an email from US Bank but is clearly a phishing email (the usual typos plus which I've never had any account with US Bank). Wondering how I can report this to iCloud so they can investigate?

MacBook Air, Mac OS X (10.7.4)

Posted on Nov 6, 2012 7:30 PM

Close

Q: report phishing attacks on iCloud

  • All replies
  • Helpful answers

  • by Mrs. Miggins,Solvedanswer

    Mrs. Miggins Mrs. Miggins Nov 7, 2012 3:29 AM in response to Doctah
    Level 1 (135 points)
    Nov 7, 2012 3:29 AM in response to Doctah

    Forward the message to spam@me.com

     

    See: http://support.apple.com/kb/TS4019

  • by simsboynton,

    simsboynton simsboynton Jun 9, 2013 7:09 PM in response to Doctah
    Level 1 (14 points)
    iPhone
    Jun 9, 2013 7:09 PM in response to Doctah

    I am answering this question because I’ve received so many spoof/spam messages lately to my email address(es) at me.com. I decided to find out how to report them.

     

    Here’s what I found out:

    Suspicious email messages can be forwarded to one of the following;

      

    Make sure to include the long header.

    Long headers can be displayed using the menubar (see below)

    __email-long-header-navigation.jpg

     

    Then either copy & paste the long header or simply forward the entire message.

    Example of long header from a suspicious email:

    From:   Kikki Howard <noreply@hakahakajkfbczj.googlemoogl.tk>

      Subject:   Kiss to you

      Date:   June 9, 2013 4:21:21 PM PDT

      To:   xxxxx@me.com

      Return-Path:   <noreply@hakahakajkfbczj.googlemoogl.tk>

      Received:   from nk11p00mm-smtpin004.mac.com ([xx.xxx.xxx.xxx]) by ms04574.mac.com (Oracle Communications Messaging Server 7u4-26.01(7.0.4.26.0) 64bit (built Jul 13 2012)) with ESMTP id <0MO5001Y5FJL6NL0@ms04574.mac.com> for xxxxx@me.com; Sun, 09 Jun 2013 23:21:21 +0000 (GMT)

      Received:   from hakahakajkfbczj.googlemoogl.tk ([91.191.18.62]) by nk11p00mm-smtpin004.mac.com (Oracle Communications Messaging Server 7u4-27.05(7.0.4.27.4) 64bit (built Apr 23 2013)) with SMTP id <0MO50002UFJJV0G0@nk11p00mm-smtpin004.mac.com> for xxxxx@me.com (ORCPT xxxxx@me.com); Sun, 09 Jun 2013 23:21:21 +0000 (GMT)

      Received:   from nwk-txn-msbadger0204.apple.com (nwk-txn-msbadger0204.apple.com. [xx.xxx.x.xx]) by xx.xxx.x.xx with HTTP; Mon, 10 Jun 2013 01:21:21 +0200

      Original-Recipient:   rfc822;xxxxx@me.com

      X-Proofpoint-Virus-Version:   vendor=fsecure engine=2.50.10432:5.10.8626,1.0.431,0.0.0000 definitions=2013-06-09_07:2013-06-08,2013-06-09,1970-01-01 signatures=0

      X-Proofpoint-Spam-Details:   rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=14 phishscore=0 bulkscore=53 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1305010000 definitions=main-1306090279

      Dkim-Signature:   v=1; a=rsa-sha256; c=simple/simple; d=hakahakajkfbczj.googlemoogl.tk; s=hakahakajkfbczj; h=from:subject:date:to:content-type; bh=tL+/wJmQOT1qfRAmSggBixqXyEIqt839Zb4SbOAPNOM=; b=…lggV4PzuGc/TkDUNdlU=;

      Message-Id:   <0D66EC23-70A1-D480-7514-D280D76FF040@apple.com>

      Mime-Version:   1.0 (Apple Message framework v936)

      Content-Type:   multipart/mixed; boundary="-4277442969-183115831-7904244676=:70228 ”

     

    You can find more info at:

  • by Pepper2222,

    Pepper2222 Pepper2222 Jul 23, 2015 3:16 PM in response to Doctah
    Level 1 (0 points)
    Jul 23, 2015 3:16 PM in response to Doctah

    TThis is not self explanator, where do you begin posting??

    I Would like to report abuse of my ipad 2, it is being used without my permission & was 'Jail-broke' & not by me.  I would like to prevent unauthorized access to my iPad & gmail account on my iPad, iPhone & laptop notebook.  This has been going on for too long!!!  Any help in blocking & etc is welcomed.  I am a disabled Veteran & spend a lot of time on-line, and I don't get out much.  Where do I report the abuse?