Mac users, are you excited to jump on your free Mavericks upgrade? Be aware that the scammers, spammers, and phishers out there are aware of the mass migration and geared to take advantage. The malicious emails have already begun.
Late last night, I downloaded Mavericks, but didn't get to installing it until this morning. By the time I got to work, I had received an email on my personal account from Apple notifying me that my Apple ID had been used to sign-in on my MacBook Air. The email text was addressed to me and correctly named my computer. All good.
But I also received an email on my work email purportedly from Apple with the subject "Your Apple ID has been frozen temporarily". The text stated in mostly grammatically correct language that I "tired to to access your account more than once from several places and have exceeded the allowable limit for access times for this reason that your account has been frozen ."
Instead of being addressed to my name, the email was addressed to "Dear Customer". This generic salutation is the hallmark of a phishing scam. My work email is not associated with my personal Apple ID, which should have been my first clue. But in my pre-caffeine haze (and reliance on Gmail's typically reliable filtering system), I almost clicked through.
Thankfully, before jumping in, I noticed that the email, which was indeed sent from email@example.com, came via an Indonesian domain. The link that asked me to restart my information pointed to a Thai website.
Anyways, that was a phishing scam, and one that almost hooked me. According to an Apple Discussion Board post, you can forward any phishing emails to firstname.lastname@example.org and Apple will send back an automated response.
So, keep an eye out. Drop a line in the comments if you've run into any similar scams.
This story, "Warning: The OS X Mavericks phishing scams have already begun" was originally published by Macworld.