Call Us On - 0333 358 3399
Email Us - info@yourbusinesscommunity.co.uk

I have just received what looks like a text message asking me to go to an Apple website and update my details.  When visiting the site, it really does look like it is Apple - BUT IT ISN'T!

First, what I got does not appear to be a text - there is no way to see who sent it except the name of the sender, "InfoApp".  This leads me to believe that this could be something called a push notification.  This is a feature that is becoming more popular and generally is a great thing, but, like all methods of modern communication, can be abused.  I don't often accept push notifications, unless it is from a trusted source and am searching to see if and how it was sent (I will keep you updated).

If you get this text/message

  • do not click the link
  • forward it to your service providers spam team
  • delete it

A text only version of this scam has been around a while (see this article).

Tracking the owner of the domain was not difficult:

Registrant Name: Stewart Johnston
Registrant Organization:
Registrant Street: xx Carnreagh
Registrant City:xxxxxx
Registrant State/Province: Hillsborough
Registrant Postal Code: xxxxxx
Registrant Country: GB
Registrant Phone: +44.xxxxxx250828
Registrant Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Now, they could be an innocent party (or fake details), whose website has been maliciously taken over, but I wonder what they are doing about it?  Interestingly, this domain was registered at 4.55 this morning and I got the message at 6.48 - quick work!

BTW, being a good citizen, I have reported this to the polices Action Fraud website.  Whilst it asked me about the issue, it did not ask about specifics - is this just a statistics gathering exercise or a useful proactive tool?  I have also reported it to the domain registrars.

Don't get caught out by this and similar ones.

 

UPDATE: 6th February 2017

I reported the domain to the registrars and am happy to report they they have suspended the domain and blocked the account owner.