

Email 2: Please update your billing information.

From Address

Your Apple ID has been suspended due to the following reason:

Please update your billing information as soon as possible to avoid any termination of your used services.

Access my account

APPLE ITUNES SCAM EMAIL UPDATE

The sender’s name says it’s from iTunes, but the actual address is clearly randomly generated and has nothing to do with Apple:

The salutation greets me by my email address, not my name, which iTunes would have on file. Though as it happens, the address I use for my blog isn’t the one I use for iTunes anyway, so it’s impossible for iTunes to suspend an account that doesn’t exist!

The rest of the message is short and has no spelling errors, so perhaps isn’t quite so obvious. The phrasing “termination of your used services” is rather odd grammatically though, but otherwise there’s not a lot to say about that aspect of it.

Hovering over the link to view the address again shows that it has nothing to do with Apple, as it’s pointing to “5.189.146.107/~calmbunn/.uk/uk/index.php”. Many scam emails include the company name in the link address somewhere, to try and give the impression it’s genuine, even though it’s still obviously fake. But here the scammer’s just been very lazy and picked a very random address. They haven’t even set up a proper website name, it’s just an IP address, which could potentially be useful for tracing purposes.

But here’s the interesting thing – the button isn’t actually the link. Sure, you can click on it and it will take you to that website. But you can also click anywhere else for the same effect, because the entire message is a clickable image. So this includes the white background, the Apple logo, the message text, the account access button, and the footer text with what appear to be links for the Apple ID, Support and Privacy Policy along with the Apple copyright line. The only exception is the initial salutation to my email address, which is standard text, as it’s their only way of trying to make the email appear personalised. Clicking any of those things will take you to that dodgy website.

I noticed it was an image when I went to copy and paste the text for this post. I saw my mouse cursor was a pointing hand icon wherever I moved it in the message, rather than a regular arrow. It only changes to the hand icon when it’s over a link. And resting the cursor over parts of the message away from the button continued to reveal the address as a tooltip. So there was no text to copy – I simply typed up a copy by hand instead.

There is a bit of clear space either side of the image, because they’ve centred it in the message window, so if your window is wide enough, you can potentially click to the left and right of the image safely. But overall it’s easy for you to hit the link anywhere without expecting to, e.g. if you were to try and click the Support link at the bottom or just randomly clicked anywhere on the message in general.

Looking at the source code, we find that the actual image is stored on a legitimate picture hosting site called imgBB:

Apart from giving you a bigger target to click on, the scammer has also used an image rather than text in this instance, to try and bypass spam checks by email providers. It’s difficult to analyse the text of an email for spam if there’s no text to begin with. It is possible to detect text in images using OCR (Optical Character Recognition), but I don’t know if email companies do that.

Also, can I just point out that the image doesn’t have Alt Text to describe it either.
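The signs this post picks out by eye (a body that is one linked image with almost no real text, a link whose host is a bare IP address, and an image with no alt text) can also be checked mechanically against the HTML part of a message. The following is an added example, not code from the original post; the sample markup, the 192.0.2.10 address, the example.com and example.net hostnames and the 80-character text threshold are constructed assumptions.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkScan(HTMLParser):  # per <a>: href, <img> tags inside it, visible text length
    def __init__(self):
        super().__init__()
        self.links, self.outside_text, self._cur = [], 0, None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self._cur = {"href": attrs.get("href") or "", "imgs": [], "text": 0}
            self.links.append(self._cur)
        elif tag == "img" and self._cur is not None:
            self._cur["imgs"].append(attrs)
    def handle_endtag(self, tag):
        if tag == "a":
            self._cur = None
    def handle_data(self, data):
        if self._cur is not None:
            self._cur["text"] += len(data.strip())
        else:
            self.outside_text += len(data.strip())  # e.g. the personalised salutation

def host_is_ip(url):  # True when the link host is an IP literal, not a domain name
    if "//" not in url:
        url = "//" + url  # scheme-less form, as shown in a hover tooltip
    try:
        ipaddress.ip_address(urlparse(url).hostname or "")
        return True
    except ValueError:
        return False

def findings(html, max_text=80):  # max_text is an assumed threshold, tune on real mail
    scan = LinkScan()
    scan.feed(html)
    out = set()
    for link in scan.links:
        if host_is_ip(link["href"]):
            out.add("link-to-bare-ip")
        if link["imgs"] and link["text"] == 0:
            if scan.outside_text <= max_text:
                out.add("body-is-one-linked-image")
            if any(not (img.get("alt") or "").strip() for img in link["imgs"]):
                out.add("linked-image-without-alt")
    return sorted(out)

# Constructed samples (not the real message); 192.0.2.10 is a documentation address.
PHISH = '<p>Dear user@example.com,</p><center><a href="http://192.0.2.10/~user/index.php"><img src="https://img.example.net/x/notice.png"></a></center>'
BENIGN = '<p>Hi Sam, your monthly statement is ready. Sign in on the website or in the app to view it. Contact support if anything looks wrong.</p><a href="https://www.example.com/account"><img src="https://www.example.com/logo.png" alt="Example logo"></a>'
```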
