Sources are reporting that a convincing-looking phishing email containing a picture of the .Mac "world" logo, "very much in Apple's style," is circling the web. Users of Apple's web service who've recently
moved to MobileMe should take caution when opening and using links provided in suspicious emails.
The email in question is detailed below by Kath Gibson of GlasMUG (
via MacsimumNews):
"Just a warning that there is a rather convincing looking
phishing email doing the rounds, which I've received this evening to my 'public' GlasMUG address," the blogger writes. "The email contains a picture of the .Mac 'world' logo and is very much in Apple's style," says Gibson. "I was so convinced it might be genuine that I went off to check my Apple store account (by opening a browser and navigating there myself, not by clicking any links, of course) to check my details, since I had recently changed my bank."
Gibson continues by explaining that all seemed to be OK with his account, until going back to the email, at which point he "hovered over the clickable 'by clicking here' link and the alt text came up showing that it was actually NOT going direct to the Apple web site." According to Gibson, the website came up as http://www.moosej.com/https/.www.apple.com/us. The man warns readers not to click this link, (and so do we), as it was posted "for your information only to help you identify the fake email."
Navigating to the moosej website, all Gibson could see was the classic "404 not found" message. Whether it's been pulled down, or is maybe just "harvesting 'live' emails for spam by tracking the click-throughs," the author of the post strongly recommends that users do not click the link.
Gibson also advises those who have friends using .Mac to let them know of this phishing email, claiming concerns over the timing - the switch to MobileMe occurring just last week -, as people might be tempted "to think it's real, and could be preventing their transition to the new system, and will click the link," Gibson writes.
