Hi Pat, I know this has been covered before but probably bears repeating:
When Peter says check the sending address - you need to actually examine the headers in the message source - it is very easy to just "SPOOF" the "From" address to match any address. This is a common spamming technique to make people think that SPAM is genuine. Often on mailing lists I see warnings to people that their email account has been hacked just because SPAM has been sent to the list with a real member's "From" address. In most cases it does not mean their email account has been hacked, it just means that the Spammer spoofed a member's from address to be able to post to a member-only list. Examining the message source code is also an easy way to see where links in the email actually end up - often the link that looks to be an Apple.com link actually goes to an obviously false domain - but sometimes more sophisticated operators even register domain name that look authentic but do not belong to the actual company being imitated. I know Peter is well aware of this, as are most WAMUG members - it has often been discussed before - but I still find people being caught out by this - so possible worth repeating. Cheers Neil -- Neil R. Houghton Albany, Western Australia Tel: +61 8 9841 6063 Email: n...@possumology.com -----Original Message----- From: <wamug.org.au-wamug-boun...@lists.wamug.org.au> on behalf of Peter Hinchliffe <hinch...@multiline.com.au> Reply-To: WAMUG <wamug@wamug.org.au> Date: Friday, 10 May 2019 at 07:57 To: WAMUG <wamug@wamug.org.au> Subject: Re: Something I didn't buy > On 9 May 2019, at 9:42 pm, Pat <clamsh...@iinet.net.au> wrote: > > I received an email today which may or may not have come from Apple. It says, “Your Apple Subscription Receipt” (to Netflix). But, I did not order a subscription. I think it is probably a scam, although it looks very authentic. One anomaly is that where it says ‘you can cancel a Subscription at any time: Cancel/Refund Subscription’ there is no URL. > > The email did not say ‘No Reply’, so I did reply, but it bounced. > > What recourse do I have? > 1. Always, always, ALWAYS make it your first order of business to check the sending address of the email. If it has genuinely come from Apple, the sending address will end in .apple.com. If its some variant of .apple.xxx.com, or something else that doesn’t evem contain the word “apple”, you can be sure it didn’t come from anyone at Apple. Likewise, a genuine email from Netflix will end in .netflix.com, not some variant of .netflix.xxx.com. You can check the sending address byt rolling over the address at the very top of the email and clicking on the little disclosure trinagle that appears (assuming you’re using Mail). 2. Never, never, NEVER reply to suspicious emails. It’s just inviting a ton of trouble. It confirms that your email address is real, inviting a potential flood of spam from the same source or others. Kind regards, Peter Hinchliffe Apwin Computer Services FileMaker Pro Solutions Developer Perth, Western Australia Phone (618) 9332 6482 Mob 0403 046 948 -------------------------------------------------------------------- Mac because I prefer it -- Windows because I have to. -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>