Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Newsroom Update

Apple is introducing a new Apple Watch Pride Edition Braided Solo Loop, matching watch face, and dynamic iOS and iPadOS wallpapers as a way to champion global movements to protect and advance equality for LGBTQ+ communities. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: mickers1
mickers1 Author
User level: Level 1
8 points

Is this spam?

I've never received this before.

Though Apple normally notifies me of things via email, someone instead emailed my phone number saying this:


Dear (my full name),

Your Apple ID (my email) was signed in iMessage on Dan 's iPhone.


Device: iPhone 5c

IP address:17.172.224.47

OS: iOS 8.2


If you believe an unauthorized person accessed your account, please sign in and manage your account immediately by going to http : // icloud - imessage .com/ info/ us/ page? token = e60dc18f -1


Thanks

Apple Support


I searched and didn't find anyone else with this exact email. I changed my password anyway via iTunes, but is this legit?


Thanks!


<Link Edited by Host>

Posted on May 27, 2015 6:43 AM

Reply
22 replies
User profile for user: JJSS09
JJSS09
User level: Level 1
0 points

Jul 7, 2015 10:31 AM in response to Ubiquit0us

That is irrelevant, and part of the scam. Run a Whois lookup and you'll find the domain account-imessage.com is NOT owned by Apple. Going to that domain in a browser redirects to https://appleid.apple.com which makes it seem like it could be owned by Apple... however it's just a redirect. This message, with the exact same body (including the name "Dan 's iPhone", along with the same IP and OS), is being sent to lots of people. This is a pretty sophisticated phishing scam.

Reply
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level 10
202,972 points

Aug 5, 2015 3:32 PM in response to AJ397

questionasker3 wrote:


IPs can be spoofed. Don't judge the authenticity of a site based on IP alone.

Time for a sanity check. No, IP addresses cannot be spoofed. Your router may have malware that will redirect an IP address, but that isn't spoofing, and is about as likely as you winning the lottery.


URLs cannot be spoofed either; however what you see in blue in a link is a LABEL, not where the link actually goes. For example, the blue text may say appleid.apple.com, but if you click it you can be sent to MalwareRUs.ru. Fortunately, with all modern browsers if you hover your mouse over the blue label it will display the actual target URL, and if it doesn't match what was in blue don't click on it. But even if you click on it by mistake you will know immediately, because the address bar at the top of your browser will display MalwareRUs.ru.


Regarding URLs, the key element is the end of it, or the last part before the first single slash. So appleid.apple.com is a legitimate Apple URL. As is apple.com/store, because the last thing before the first slash is apple.com.

Reply
User profile for user: Taz1961
Taz1961
User level: Level 1
1 points

Dec 3, 2015 7:20 PM in response to mickers1

According to Apple support the following message received 11.15.2015 on iMessage iPhone 6 is NOT from Apple:



Your Apple ID [REDACTED] was signed in iMessage on Dan 's iPhone.


Device: iPhone 5c

IP address:17.172.224.47

OS: iOS 8.2


If you believe an unauthorized person accessed your account, please sign in and manage your account immediately by going to [REDACTED URL]

Thanks

Apple Support

Reply

Is this spam?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up