Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

dictoresno

macrumors 601
Original poster
Apr 30, 2012
4,521
661
NJ
Lately I've been setting random spam messages to my iCloud email address from random and sometimes spoofed legitimate hosting sites. All of them had "reply to" indicators directing to an @gmx.com, @gmx.us email address.

Also noticed that the "from" and "to" sections are usually the same spam email address. How is that possible? My email isn't even in the "to" field. Im trying to get mail to show the exact email, but can't figure it out. One email came from "@prrimus.ca" which appears to be a spoofed version of "primus.ca" email address. How can I make its real address show in mail so I can block it? You can see in the included screenshot that both "to" and "from" are the same, neither are obviously my email address.

Ive reported them as junk by forwarding them to spam@icloud.com as apples website states and set up a filter to auto delete any emails originating from them. Still sucks that theres no block button we can just tap upon receiving junk email in iCloud.
 

Attachments

  • Screen Shot 2017-02-01 at 1.22.53 AM.png
    Screen Shot 2017-02-01 at 1.22.53 AM.png
    26.3 KB · Views: 595
I used to get 1-3 each day to my iTS/MAS-tied email account, randomly to any of the @Mac/@me/@icloud domains, and I've never given that email address out to anyone. Then, they stopped - for several weeks, ceasing on the same day the Avalanche botnet was taken down - https://en.wikipedia.org/wiki/Avalanche_(phishing_group) - but reading the press about it the feds were resigned to it picking up again in the near future. And, a couple of weeks ago, they started up again just as before - that domain, Google Notifier, FedEx, even "iCloud Messenger". Sigh…

I'm surmising that the only place that the phishers could have sucked up my email account address was by getting them from Apple somehow as I've never used the email except for the MAS and iTS and I use a separate email for iCloud services. So, yeah, I've noticed an uptick in spam and I'd swap out another email address for my iTS/MAS purchases in a heartbeat if I could. I don't bother reporting them to Apple, once you're on a list, it's pretty much game over for that email address… :oops:
 
  • Like
Reactions: dictoresno
Yup, same here I have a .mac address with my full name. Pisses me off that Apple has no way to change that without blowing out the account for old .mac domains.
 
At least include a "block" button so we can block them as they come in. Even gmail offers that.
 
Soooo, following up on this thread it seems a couple of a$$ wipes in one of my states screwed up. I saw a post on The Guardian that has some links to their sources about a huge spam database - about 1.4 billion email addresses - that was exposed in January. According to MacKeeper, one of their employees happened upon a massive database and shared it with other researchers. A related, linked-to post on SCOOnline.com shows just over 460k mac.com email addresses - along with other email providers - using illegal IP hijacking. The timing of that rsync screw up coincides with the uptick of spam, me thinks? Spamhaus.org and Salted Hash were also involved in the investigation - personal information was also in the database…

Links:
https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire
http://www.csoonline.com/article/31...eir-entire-operation-through-bad-backups.html
Embedded JPEG with partial list of compromised domains:
http://core0.staticworld.net/images/article/2017/03/email_list_rcm-100711753-orig.jpg
https://www.theguardian.com/technology/2017/mar/06/email-addresses-spam-leak-river-city-media

Well, crap… :mad: My spam content has upticked even more in the past few weeks…
 
I am getting spam at an egregious rate, all of it porn-related, which hasn't happened in the 10 years I've had this email account through Mac. It's very frustrating and it happened basically overnight.
 
I am getting spam at an egregious rate, all of it porn-related, which hasn't happened in the 10 years I've had this email account through Mac. It's very frustrating and it happened basically overnight.
There's someone out there that's a major PITA to those with mac/me/icloud domains. First one every once in a while, then a bunch every day, then nothing for weeks, and it's back to a bunch every day. Like I wrote earlier in this thread I get spam to addresses I've never used, preferring to use an alias.

15 years ago, an employee of an investment company providing those services walked out with thousands of client records - mine was one of them; that turd was busted and went to jail. I was put on free credit monitoring, 10 years after I left that company but I still wonder who got access to my personal information. My point is that, given that I'm receiving spam at two email addresses I've never distributed to anyone ever, I'm strongly of an opinion that a disgruntled or greedy former Apple employee sold out and Apple will never 'fess up. We're not the only ones:
https://www.reddit.com/r/apple/comments/5vf0qo/icloud_spam_emails_increased/

and a bunch of other threads like it. Spam, the new junk mail, but for pr0n and theft. Ugh. Sadly, you're on the list now.
 
I'm getting hammered with them. Not sure who's at fault, but I've gotten two alerts from "Have I Been Pwned?" in less than a week, so that definitely doesn't help.

I've got like 40 rules applied to my iCloud email now, and that increases every week as I get new spam in my inbox that my rules or Apple's servers don't catch. :(

Apple seriously needs to step up their spam detection game. Gmail's spam detection, I think, is among the best.
 
  • Like
Reactions: jagooch
Troy Hunt posted this two days ago:
https://www.troyhunt.com/password-r...other-1-billion-records-in-have-i-been-pwned/
and he's reached out to the at-large community asking if anyone knows who is/where the source is. Lots of comments are listing MySpace, Badoo, LastFM, and others with Hunt offering in the post's body that at least 74% of the two recent leaks were already in the "Have I Been Pwned?" portal (cited from his Twitter page).

The two iCloud addresses I use both are on Dropbox, while one is with Adobe. Yep, it's already old… :mad: I think I'm going to buy Troy a beer…
 
Yeah I've noticed a big increase in spam to my @me.com address. Weird as only my family and close friends have that. Receiving them from, things like - Customer engagement, GoogleService, Gmail Team, WhatsApp Service and many more.

A few of them have made it into my inbox, but I've been marking them as Junk, I've noticed they have started to go into my Junk folder.
 
Just want to up this. Im getting a lot more spam lately. I find it disgusting that Apple does not give the end user the power to turn off its junk filtering to a service that does, or allow us to set rules to BLOCK them from even entering our account at all.
 
I never used to get spam on my iCloud.com address and recently I am getting a lot more every single day!
Is there something I can do about it? I use the mail app from Apple on my iMac and iDevices.
 
So bad I've had to turn it off and remove the account on my iPhone, iPad, and Mac. It was RIDICULOUS.

Apple needs to give us the ability to change our addy's on the fly like Microsoft's Outlook.com. Gmail should do the same. I don't want to change my Apple ID because my purchased apps and music are on it and I don't have the time or patience to putz with two different Apple ID accounts.

In fact, I'm going to email them and ask them to let me change it. Adding an alias that redirects to the same box is NOT a solution.

I'd like to switch back to it from Gmail, but not at this rate.

A lot of the spam, like 75%+ is all from @Mac.com addresses. Now isn't THAT ironic! Makes me so mad. Wish there was better spam filtering and the ability to kill all @Mac.com addresses coming into my inbox. That's SUCH an old address that no one uses it, just those that carried over from iTools/.Mac/MobileMe. Otherwise, my iCloud email is staying disabled.
 
So bad I've had to turn it off and remove the account on my iPhone, iPad, and Mac. It was RIDICULOUS.

Apple needs to give us the ability to change our addy's on the fly like Microsoft's Outlook.com. Gmail should do the same. I don't want to change my Apple ID because my purchased apps and music are on it and I don't have the time or patience to putz with two different Apple ID accounts.

In fact, I'm going to email them and ask them to let me change it. Adding an alias that redirects to the same box is NOT a solution.

I'd like to switch back to it from Gmail, but not at this rate.

A lot of the spam, like 75%+ is all from @Mac.com addresses. Now isn't THAT ironic! Makes me so mad. Wish there was better spam filtering and the ability to kill all @Mac.com addresses coming into my inbox. That's SUCH an old address that no one uses it, just those that carried over from iTools/.Mac/MobileMe. Otherwise, my iCloud email is staying disabled.


Report you are having issues with this on my thread in this same section called “iCloud Mail address list breach?”

In the mean time, you can have all emails that come from an @mac.com address to the trash by going to logging into iCloud on a PC/Mac on iCloud.com then going to mail, pressing the gear in the bottom left corner, and then going to rules and making 2 new rules

The first will be
“Move all messages from *@mac.com to Trash”

The Second will be
“Move all messages from @mac.com to Trash”
 
  • Like
Reactions: appleman1988
Report you are having issues with this on my thread in this same section called “iCloud Mail address list breach?”

In the mean time, you can have all emails that come from an @mac.com address to the trash by going to logging into iCloud on a PC/Mac on iCloud.com then going to mail, pressing the gear in the bottom left corner, and then going to rules and making 2 new rules

The first will be
“Move all messages from *@mac.com to Trash”

The Second will be
“Move all messages from @mac.com to Trash”

Thanks.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.