I Got Phished

As I regularly say, the first line of cyber-security defense needs to be your brain.

I received this email late last night.  Looks pretty legit, doesn’t it?  My first reaction was, “Huh?  I didn’t order this.”  Then I began to notice things that were not quite right – things seemed “fishy,” if you will.

The first thing that jumped out at me was the registered trademark symbol.  Emails from Apple do not contain this symbol.  Also, in May of 2015, Apple switched from using “iTunes Store” as their sender’s name to simply, “Apple.”

The second thing, and this was a dead giveaway, the email was addressed to one of my personal email addresses but not to the one I use for my iTunes account.

The third thing, Pandora does not sell subscriptions through iTunes.


To see the actual email address of the sender, I’ll click on “iTunes.”


Hmmmm.  Probably a bogus email address.  I doubt that the Adventist University for Health Sciences would be running a scam.

The purpose of this email is probably to steal people’s Apple IDs and passwords.  If that’s the case, then there will be a link to click on that will take you to a page that very much looks like an Apple login page.  And since they’re probably feeling a bit panicked about spending 97.99 whatevers on something they did not order, their natural inclination will be to cancel immediately and request a refund.

And sure enough, there is a link: Cancel / Refund Subscriptions.

Safari allows us to preview a web site before actually visiting it.  So, let’s have a look.


Yep.  Once again, it looks legit.  It was probably lifted right off the Apple Web site.  But check the URL.  That sure ain’t https://apple.com, but they seem to know who I am.

I don’t recall this specific email address being part of any major web site data breach but I’ll check anyway.  A quick trip to Troy Hunt’s Have I Been Pwned web site, enter the email address in question, and…


Oh, bugger!

Well, mark this email as junk and get on with my life.  Good thing I change my passwords regularly and use two-factor authentication on places like Apple and Amazon.

The point of this is to illustrate how important it is to be careful and to use your head when online.  If someone wants you to go to a website, even one that you are familiar with, and you did not contact them first, then don’t trust them until you can verify that they really are who they say they are.

As a rule, I personally do not click on any links in email messages.  For example, if my bank sends me an email telling me my online statement is ready, I don’t click on the link they provide.  I go to my bank’s web site, log in, and then check my statement from there.

It’s all part of staying safe and protecting your private information while online.

About IronSocket

Our staff has been involved with computers since the early days of dial up modems. We have combined experiences spanning decades working on a multitude of internet based projects. One of our goals is to make a conscience effort to inform others about staying safe on the internet. If you ever need to reach us, leave a comment, put in a ticket, or contact us using our website's contact us form.