Dealing with Phishing Attacks

Within a few minutes I received three messages of attempts to access my Apple ID and Facebook accounts.

 

[box type=”shadow”]appleid The first notification was from Apple. Someone had tried to log into my Apple ID enough times that the account had been locked out. Unfortunately this happens all too frequently to me. Their system automatically locks the account in response to what is effectively a denial of service attack. I have to go through their iforgot system to unlock my account. I’ve had it happen to me several times in the same day. At some point Apple decides that I need to reset my password because of the repeated unlock activity. Ironic it is because of my strong password that the attacker have not gotten in. My password is a string of randomly generated gibberish that I don’t even know thanks to LastPass. It’s kind of ridiculous that Apple locks me out of my phone and then requires me to prove my identity by sending a code to the same phone. Come on Apple. If my phone is trusted then why is it being locked out?[/box]

 

[box type=”shadow”]applescam The second attack came in the form of an email from Apple Corporation address to an iCloud.com that is not my primary Apple ID (clue #1) from an address that is not Apple (clue #2), with a greeting of “Dear Apple Customer” (clue #3), and with hyperlinks going to a Russian web site (clue #4). The thing is, how many people take the time to scrutinize their email like this? It looks legit. It’s asking for my password. Ok. Right? The lesson here is that if you get a message like that, don’t click on the link. Go to the web site directly if you think you actually need to change the password. Using LastPass would have protected you from the phishing site by not entering in your password in the fake site.[/box]

 

[box type=”shadow”]facebookscam The final message came legitimately from Facebook caused by someone trying to log into Facebook as me. In this case the email had something that Apple should take note. There was a link to disavow the password reset request that was actually going to Facebook.com. Even then it made me nervous because Facebook allow and their entire business model is based on user-generated content. So just because it’s on Facebook.com does not prove that it is legit. Unless someone has the username of “login”, I’m pretty sure that it is legit – but only pretty sure.[/box]