Tyumen72

Q: https://research.applesurveys.com

Who is this or what is this?

 

Mail came a letter from the recipient of the spam? phishing link? or is it really from Apple?

Posted on Sep 22, 2016 2:31 AM

Close

Q: https://research.applesurveys.com

  • All replies
  • Helpful answers

  • by LucoBrasi,

    LucoBrasi LucoBrasi Sep 22, 2016 2:42 AM in response to Tyumen72
    Level 3 (940 points)
    Sep 22, 2016 2:42 AM in response to Tyumen72

    You will find more information about phishing attempts here:

    https://www.apple.com/legal/more-resources/phishing/

    https://support.apple.com/en-us/HT204759

  • by Tyumen72,

    Tyumen72 Tyumen72 Sep 22, 2016 2:59 AM in response to LucoBrasi
    Level 1 (8 points)
    Sep 22, 2016 2:59 AM in response to LucoBrasi

    This is not an answer! I need an answer to a question, not a reference!

  • by red_menace,

    red_menace red_menace Sep 22, 2016 4:30 PM in response to Tyumen72
    Level 6 (15,536 points)
    Desktops
    Sep 22, 2016 4:30 PM in response to Tyumen72

    Those are Apple's support pages about phishing - you aren't going to get much better than that, unless you are just looking for someone to copy/paste from those pages.

  • by etresoft,Solvedanswer

    etresoft etresoft Sep 22, 2016 8:16 PM in response to Tyumen72
    Level 7 (29,233 points)
    Mac OS X
    Sep 22, 2016 8:16 PM in response to Tyumen72

    Hello Tyumen72,

    Unfortunately, this is apparently genuine.

     

    I used Network Utility to look up the domain name "applesurveys.com" on "whois.internic.net":

     

    Internic told me to use this whois server:

       Domain Name: APPLESURVEYS.COM

       Registrar: CSC CORPORATE DOMAINS, INC.

       Sponsoring Registrar IANA ID: 299

       Whois Server: whois.corporatedomains.com

       Referral URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html

       Name Server: NSERVER.APPLE.COM

       Name Server: NSERVER2.APPLE.COM

       Name Server: NSERVER3.APPLE.COM

       Name Server: NSERVER4.APPLE.COM

       Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

       Updated Date: 11-nov-2014

       Creation Date: 22-oct-2007

       Expiration Date: 22-oct-2018

     

    So I plug "whois.corporatedomains.com" into the search field instead of "whois.internic.net" and I get:

     

    Domain Name: applesurveys.com

    Domain ID: 1291918616_DOMAIN_COM-VRSN

    WHOIS Server: whois.corporatedomains.com

    Referral URL: www.cscprotectsbrands.com

    Updated Date: 2014-11-11T19:55:45Z

    Creation Date: 2007-10-22T20:28:40Z

    Registry Expiry Date: 2018-10-22T20:28:40Z

    Sponsoring Registrar: CSC CORPORATE DOMAINS, INC.

    Sponsoring Registrar IANA ID: 299

    Registrar Abuse Contact Email: domainabuse@cscglobal.com

    Registrar Abuse Contact Phone: +1.8887802723

    Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited

    Registry Registrant ID:

    Registrant Name: Domain Administrator

    Registrant Organization: Apple Inc.

    Registrant Street: 1 Infinite Loop

    Registrant City: Cupertino

    Registrant State/Province: CA

    Registrant Postal Code: 95014

    Registrant Country: US

    Registrant Phone: +1.4089961010

    Registrant Phone Ext:

    Registrant Fax: +1.4089741560

    Registrant Fax Ext:

    Registrant Email: domains@apple.com

    Registry Admin ID:

    Admin Name: Domain Administrator

    Admin Organization: Apple Inc.

    Admin Street: 1 Infinite Loop

    Admin City: Cupertino

    Admin State/Province: CA

    Admin Postal Code: 95014

    Admin Country: US

    Admin Phone: +1.4089961010

    Admin Phone Ext:

    Admin Fax: +1.4089741560

    Admin Fax Ext:

    Admin Email: domains@apple.com

    Registry Tech ID:

    Tech Name: Domain Administrator

    Tech Organization: Apple Inc.

    Tech Street: 1 Infinite Loop

    Tech City: Cupertino

    Tech State/Province: CA

    Tech Postal Code: 95014

    Tech Country: US

    Tech Phone: +1.4089961010

    Tech Phone Ext:

    Tech Fax: +1.4089741560

    Tech Fax Ext:

    Tech Email: apple-noc@apple.com

    Name Server: nserver.apple.com

    Name Server: nserver4.apple.com

    Name Server: nserver2.apple.com

    Name Server: nserver3.apple.com

    DNSSEC: unsigned

    URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

    >>> Last update of WHOIS database: 2014-11-11T19:55:45Z <<<

     

    When I try "dig applesurveys.com", it tells me this is an Apple site:

     

    ;; AUTHORITY SECTION:

    applesurveys.com. 351 IN SOA gridmaster-ib.apple.com. hostmaster.apple.com. 14 1800 900 2592000 1800

     

    I guess it is real.

  • by Tyumen72,

    Tyumen72 Tyumen72 Sep 22, 2016 8:19 PM in response to etresoft
    Level 1 (8 points)
    Sep 22, 2016 8:19 PM in response to etresoft

    Etresoft, Thank you very much for your answer