"Verify AppleID before we closed your account" ...
 

......within 24 hours. In the text it suggested opening an attached pdf (says it's secure??). Nothing seems to have changed on SWMBO's iPad. Is this some sort of scam?

The Ancient Mariner

Definitely.
If in doubt log in to the account in question completely independently i.e. use another computer. If no notification there, it's a scam.

Almost certainly a scam of the phishing variety. Never log in to anything via a link from an email, always go via correct path (e.g. favourite or bookmark) to relevant site and log in there.

Apple never asks for confirmation in this manner. You may be asked to supply your password when downloading apps or media from the official App Store, even when it is free, but that is it.

You can check, alter and confirm details from a menu at the bottom of the screen within the App Store.

Never supply details to any site that is not owned by Apple, so basically the App Store and iTunes App are the only places that should ever ask for a password.

here'a one I got yesterday
request "cancel De-activation" is that like Deactivate the De-activation" :confused:








OFFICE 365

Dear User,

A request to deactivate your Email account was made and this request will be processed shortly.If this was accidental, you are advised to verify your account to cancel the request now


Cancel De-activation

However, if you do not cancel this request, your account will be deactivated shortly and all data will be lost permanently.

Or you may be asked to enter this security code: 4273
Regards.

Email Admin

This message is auto-generated from Microsoft security server, and replies sent to this email can not be delivered.


Microsoft account symbol

Pass me the whisky and a couple of Ibuprofen ... this is seriously confusing ... do you or don't you? ;-)

I had a feeling.....
 

.....that what you've all said would be the case.
Alsacienne no whisky, no Ibuprofen, I did - I binned it and briefed SWMBO accordingly.

The Ancient Mariner

It's spam or phishing. No doubt.

Check the from email addrsss. If it's not *.apple.com it's not Apple.

Problem is, even if it is from apple.com, it can still be spam / fishing / malware.

Fake "from" addresses are trivially easy to create.

Even if it seems to be from a legitimate source you should still not trust it.

SD

The analogy I like it that it is exactly as easy as writing a fake return address on the back on an envelope and popping it in the post.

Similarly, phone caller IDs can be faked by anyone with their own internal phone system. I am not sure about those with plain copper lines but essentially any multi-line business using digital lines (ISDN) gets to put their own caller id on the call. This may sound odd but consider the case where for reliability a business buys lines from more than one supplier yet wants to put the corporate 0800 number on the wires as the caller ID. The phone companies allow that. The line user gets to put on any caller ID that they choose.

The golden rule applies:

Just compare the worst that can happen if it is genuine and you do not respond with the worst that can happen if it is a scam and you do respond.

Do not attempt to open the PDF, it will be a concealed executable file that can do anything from sending junk to your address book, to turning your PC to a spam forwarding hub or worse

Is this one genuine or not? [email protected].
My mother keeps getting asked if she has changed her apple id.

gemma10

A scan of that address shows many redirects that end in a cloud account, so I would suggest that the address supplied by you is not genuine. Also the time to get a reply from that address is way too long for a legitimate commercial address, where ping return times are typically much less than a second.

Another trick used by scammers is to create a clickable link that appears to contain a genuine address, but a different address is hidden behind the link with the ink colour set to match the paper colour, so the real link to the scam site remains undetected.

I was the recipient of a string of these messages about six months ago.

I didn't have an Apple ID or an Apple account. I still don't. The messages were deleted at the server.

FOR

Most spammers are lazy. They will not bother to spoof the from email address. First step is to check it and if it's not apple.com it is certainly spam. If it is, you still need to be careful, following steps as suggested by andytug above.

Currently my spam is almost exclusivly from FedEx and Google. Mostly with hidden links to cheap and phony drug sites. Perhaps also contains malware. I now have my default setting to not open images.

If this is 100% accurate - i.e. copied and pasted - the mere fact of using "closed" (past tense) before they have actually done the deed should set alarm bells ringing! And there should be a space between "Apple" & "ID".

Poor use of English, and sloppy punctuation, is a hallmark of spammers.

TFP

Why, why, why do people have to ask if these messages are genuine? Of course they're not!! Even more so the recently received notification of a 'tax repayment'!! No need to analyze or consider if they MIGHT be valid ... they are bad news rubbish!! Into the bin or, preferably, forward to the spoofing agency.

I don't normally but I recently got one from Travelex and it did look genuine e.g. correct e mail address etc. It had an attached receipt for £449.70 which I had apparently obtained in the Departure Lounge at T3 at Heathrow. My son had very recently used T3 and I thought it might be his but why would they use my e mail address? He assureed me that he hadn't used them.

I phoned Travelex using a number on their website and they assured me that it was genuine but had been sent to me in error. They asked me to delete it. This raises the question of how did they have my e mail address when I have never used Travelex?

Getting some via email from Google UK (bl@@dy poms! :)); should my Anti-Virus or Anti Malware be picking these up before I open them (which I haven't done)? Thinking of my elderly friends...