|
|
legitimate email?
|
|
|
|
Dedicated MacNNer
Join Date: Apr 2002
Location: In your blind spot.
Status:
Offline
|
|
I got this email in my Junk mail box.I don't remember asking for any help in resetting my password, so I'm wondering if this is spam or real.
|
W....liar or idiot? Pick two.
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2007
Status:
Offline
|
|
|
MacBook Pro 13" 2.8GHz Core i7/8GB RAM/750GB Hard Drive - Mac OS X 10.7.3
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
There is no way you can tell whether or not it is legit without looking at the full headers, specifically the envelope information. It is trivially easy to forge email headers.
Can you post the email with full headers attached?
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Status:
Offline
|
|
Either somebody was trying to use access your account online, or somebody is trying to get your account data from you.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2006
Location: London
Status:
Offline
|
|
|
MacBook Pro 2.2 i7 | 4GB | 128GB SSD ~ 500GB+2TB Externals ~ iPhone 4 32GB
Canon 5DII | EF 24-105mm IS USM | EF 100-400mm L IS USM | 50mm 1.8mkII
iMac | Mac Mini | 42" Panasonic LED HDTV | PS3
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2007
Status:
Offline
|
|
Well lets see. https://iforgot.apple.com/cgi-bin/We...iForgot.woa/wa takes you to the reset password/forgot password page for your Apple ID. And if this poster has his email address used as his Apple ID (iTunes, Apple Store online purchases, etc), it's possible that someone tried to hack his account without him knowing it.
I just tried this and it gives me 2 options: reset password by sending you an email link (which this OP has received) or reset by entering secret questions.
I suggest others do some research like I did before jumping to conclusions.
|
MacBook Pro 13" 2.8GHz Core i7/8GB RAM/750GB Hard Drive - Mac OS X 10.7.3
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by 64stang06
Well lets see. https://iforgot.apple.com/cgi-bin/We...iForgot.woa/wa takes you to the reset password/forgot password page for your Apple ID. And if this poster has his email address used as his Apple ID (iTunes, Apple Store online purchases, etc), it's possible that someone tried to hack his account without him knowing it.
I just tried this and it gives me 2 options: reset password by sending you an email link (which this OP has received) or reset by entering secret questions.
I suggest others do some research like I did before jumping to conclusions.
And how do you know that the message isn't HTML formatted and the URL displayed is false? This is how phishing emails often work. If you have not checked the source of the email and the envelope information of the email, your research is incomplete.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status:
Offline
|
|
If you didn't ask to have the password reset, then don't reset the password. Seems quite simple to me. It doesn't matter whether the e-mail is legit or not.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2007
Status:
Offline
|
|
Because the email I received to reset my password was formatted EXACTLY like the OP, [email protected] as the sender. I'm not saying the links are legit, I was simply stating the email was from a legit source. Obviously, if he/she didn't know where it came from, they should not click the link.
|
MacBook Pro 13" 2.8GHz Core i7/8GB RAM/750GB Hard Drive - Mac OS X 10.7.3
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by 64stang06
Because the email I received to reset my password was formatted EXACTLY like the OP, [email protected] as the sender. I'm not saying the links are legit, I was simply stating the email was from a legit source. Obviously, if he/she didn't know where it came from, they should not click the link.
I could forge an identical email with the same header information in about 2 minutes. The from address being reported is meaningless, which is why you need to look at the envelope information.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status:
Offline
|
|
2 minutes? Try 20 seconds.
|
"The natural progress of things is for liberty to yield and government to gain ground." TJ
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Big Mac
2 minutes? Try 20 seconds.
Exactly! The extra time I've allocated is for installing your own MTA so that you don't leave a trace of this email in your ISP's SMTP/mail logs
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2007
Status:
Offline
|
|
Lol, ok ok, I see the point
|
MacBook Pro 13" 2.8GHz Core i7/8GB RAM/750GB Hard Drive - Mac OS X 10.7.3
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Status:
Offline
|
|
Best advice: If you weren't specifically expecting an e-mail, don't click a link in it. That's how you get phished. Make sure the address looks all right and type it into the browser window yourself if you want to visit the page.
|
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
I also recommend putting your mouse over each link to see if where the link actually directs you to matches the domain of the reported sender, and always check the envelope address(es) to ensure that the email actually originated from that network by viewing full headers for that email. These checks should only take a few seconds.
Just some generic email security tips.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Status:
Offline
|
|
Originally Posted by besson3c
I also recommend putting your mouse over each link to see if where the link actually directs you to matches the domain of the reported sender
That doesn't really help the layman at all if the address is
eBay - Page Not Found
which is what an awful lot of phishing links are.
Edit: Oh **** it. Mouse over the link to see what I mean.
(
Last edited by analogika; Dec 24, 2007 at 04:28 PM.
)
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
True...
The best form of investigation would be to check the envelope information, because chances are a fraudulent email did not originate from inside the network being spoofed. If it did, all bets are off.
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Nov 2000
Status:
Offline
|
|
Another possibility is that it's legit, but someone with an address very similar to yours was screwing up and couldn't log in and requested the reset, not realizing they had the wrong address. I get the occasional registration confirmation message for random sites at my Gmail address even though I never did it. Some chump out there thinks my address is theirs from time to time, or makes frequent typos. Unfortunately, since I don't know what their correct address is, I can't write and let them know that they're doing this.
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Dec 2007
Status:
Offline
|
|
Originally Posted by stoneage
I got this email in my Junk mail box.I don't remember asking for any help in resetting my password, so I'm wondering if this is spam or real.
I personally doubt its real, but put your mouse cursor over the link for like 5-10 seconds and it will show the real url. whats the real url point to?
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status:
Offline
|
|
Originally Posted by dn15
Another possibility is that it's legit, but someone with an address very similar to yours was screwing up and couldn't log in and requested the reset, not realizing they had the wrong address.
I already mentioned this, but somehow the geeks got caught in trying to figure out whether its real or not and are not realizing that it simply doesn't matter.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|