New phishing email pretends to be from Apple's online store
We've received several reports today of an email making the rounds that's very likely a phishing scam. The message content is cleverly designed to look like it's coming from the Apple Store, and clicking on any of the links will take you to a website that's even superficially similar to Apple's online store.
If you get this email, don't buy anything from its associated website, as there are a few dead giveaways to the inauthenticity of the message. First, the message sender will come up as a random string of characters followed by @live.com. All messages from the Apple Store should have apple.com at the end, and nothing else. The URL that you're directed to if you click anything in the message will eventually resolve to appledownload.com instead of the proper URL, store.apple.com, and you'll find a website that looks sort of like Apple's storefront but is focused seemingly exclusively on software sales.
The "about" section on the site is written in quite broken English and claims the business is based in San Francisco. However, a simple WhoIs lookup shows that the site is registered to "Lyubov Bushmakina" in St. Petersburg, Russia. If that's not a red flag, I don't know what is.
Bottom line: don't buy anything from this site if you're the least bit paranoid of being defrauded. There's a slim chance the site may be a legitimate software outlet, but by "slim chance" I really mean "snowball's chance on the surface of Venus." Always be wary of emails like this that offer to sell you stuff, especially if there's telltale signs it's not coming from who you think it is at first glance.
Update: Commenters have noticed that the email addresses targeted by these phishing attempts are consistent with addresses used to register for MacHeist in the past. In early 2010, MacHeist's then-email processor iContact reported that it was the victim of a security breach that exposed some subscriber email addresses to spammers; it is possible that some of these compromised addresses are now being used for Apple-themed targeted spam. MacHeist no longer uses iContact for email processing.
