Ignore Shipping Delay Emails

[Aduntu]

Some of you need a reality check! How in the heck would a phishing email have your order number, etc.

The email is REAL! UPS DOES NOT DELIVER TO ALL AREAS ON SATURDAY!

I have used UPS for years and their Saturday delivery area is limited!

How old are some of you?

I don't believe anyone doubts that UPS doesn't deliver everywhere on Saturday. People are questioning the authenticity of the email.

The first link to the suspicious email contained an order number and email address. That combination should retrieve order status on Apple's site, but it doesn't--for what it's worth.

 

[flyguy206]

I'll back you up here on this. Every email I've ever received from Apple about an order had a direct link to the order itself. Even when the link only said "Order Status" it takes you directly to the order, not the login page.

Thank you this is a trick. Apple would not send you anything about delivery but a tracking number that is why they give you one so you can track it. Look who made the thread it is a newbie that posted a link to the site

 

[rtabdo]

But you can NOT reference my order number can you?

These emails reference the customers order number!

They are real

Good point. If its referencing your order number, then I can't imagine it being fake.

 

[GeekLawyer]

but how do they know all the info?

None of the concerned posters have proven that their personal information was included in the alleged email. All we have to go on is their word. And that's looking for flimsy by the minute.

 

[aristobrat]

http://macs.about.com/b/2008/08/11/phishing-scam-uses-mobileme-and-itunes-as-bait.htm

The current fake email making the rounds has 'iTunes Store (do_not_reply@apple.com)' or just 'do_not_reply@apple.com' in the 'From' field, and 'Important: Billing Problem' in the 'Subject' field.

Right, and to grab another paragraph from your link, the current fake emails are doing something that this email isn't. The email people are getting today isn't redirecting them to a fake site trying to phish their credentials.

The rest of the email is a typical HTML message, asking you to update your billing information by clicking a link in the email. The link doesn't take you to the iTunes Store or the Apple Store, but to a site that attempts to look like the Apple Store. If you click the link and provide your credit card information, you'll send the scammers on an all-expenses-paid spending spree, with you paying the expenses.

 

[GregGebhardt]

It's quite possible that UPS, Apple and/or the data centers hosting their environments has been breached. Once that has occurred, getting into a database to mine name, order numbers, addresses, etc., is a pretty easy thing to do.

"But wait", you say, "how do you know this"?

I'm the Cyber Security Director for a Fortune 500 company. I deal with things like this every day of the week.

You are too funny.

If the security HAD been breached it would not be for this email to just piss people off! If you think so, I feel sorry for your company who thinks you are intelligent! LOL!

 

[mkruck]

You are too funny.

If the security HAD been breached it would not be for this email to just piss people off! If you think so, I feel sorry for your company who thinks you are intelligent! LOL!

Think, man, think...

IF it were a security breach, it wouldn't be to piss off a bunch of people. It would be to get you to divulge your personal information. Good lord, it's not that difficult to comprehend.

 

[GregGebhardt]

Good point. If its referencing your order number, then I can't imagine it being fake.

It is so sad as people here are going to any possibility that this email is a fake and they will still get their device. It tells much of the mentality of the average iPad user!

 

[talkingnewmedia]

Here's a suggestion: don't click on the link until it appears on your new iPad Saturday morning.

 

[aristobrat]

I supposed someone could post the header from one of these emails. That might add some more clarity as to its origin.

 

[wayneholbrook]

ANCHORAGE, AK, US 04/01/2010 5:40 A.M. ARRIVAL SCAN
CHEK LAP KOK, HK 04/01/2010 1:22 P.M. DEPARTURE SCAN
SHENZHEN, CN 03/30/2010 7:07 P.M. ORIGIN SCAN
CN 03/31/2010 5:32 A.M. BILLING INFORMATION RECEIVED



Alaska? Sat is coming soon, I hope it can get to Miami by then, I'm stressing it.

 

[stevers23]

I supposed someone could post the header from one of these emails. That might add some more clarity as to its origin.

Full Headers for the "No delivery on Saturday" Apple emails. Can someone confirm if these are legit?

From APPLE STORE Thu Apr 1 16:13:29 2010
X-Apparently-To: private@yahoo.com via XX.XXX.XXX.XX; Thu, 01 Apr 2010 09:16:08 -0700
Return-Path: <do_not_reply@apple.com>
X-YMailISG: 8sqUvHsWLDuMKTagJ6ZevhXhRDfcwoZOdYgqQ84kxwDGswq6hKKoYcqXbIrDtzhssaXbPYlDDl.zFqr590Fi50TVfX7xAu8EqWpy RNFUfU8n3AEZjLaTW.pNrwt0yZhaEjZnqbftJDAwQUb_m.EZy1a2IxVZR4FG11zMf7vAKA3iNRK5XAQmi68yWjf_l5SU2nUpl.a. FnNncsMnMOdxFWAGxZKsi4P5dYuF60fTK6cTE.6YFfjVQw73XdtwT5PzngBAPJvi.zWa05ZkJnSa4xwiQzyZ0RGcw1KhYH65X5cx AJvIF80XXiUcva04QFn4sM6nGUoZRV5v1F6dFQvovH3XOYM-
X-Originating-IP: [17.254.13.38]
Authentication-Results: mta1106.mail.mud.yahoo.com from=; domainkeys=neutral (no sig); from=apple.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO bz3.apple.com) (17.254.13.38)
by mta1106.mail.mud.yahoo.com with SMTP; Thu, 01 Apr 2010 09:16:08 -0700
Received: from apple.com (unknown [17.34.124.17])
by bz3.apple.com (Postfix) with ESMTP id BFE851BBAD651
for <private@yahoo.com>; Thu, 1 Apr 2010 09:16:07 -0700 (PDT)
Date: Thu, 1 Apr 2010 09:13:29 -0700 (PST)
From: APPLE STORE <Do_not_reply@apple.com>
Subject: RE: Your Apple Order # 71318XXXXX
To: <private@yahoo.com>
Message-ID: <ADR35000004003411@apple.com>
MIME-Version: 1.0
Importance: Normal
X-Priority: 3 (Normal)
X-Mailer: SAP Web Application Server 6.20
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Description: RE: Your Apple Order # 71318XXXXX
Content-Length: 847

 

[aristobrat]

Think, man, think...

IF it were a security breach, it wouldn't be to piss off a bunch of people. It would be to get you to divulge your personal information. Good lord, it's not that difficult to comprehend.

So why did you even bring up the fact that this email could be the result of a security breach when it's been posted that nothing in the email is an attempt to divulge personal information?

 

[aristobrat]

X-Originating-IP: [17.254.13.38]
Authentication-Results: mta1106.mail.mud.yahoo.com from=; domainkeys=neutral (no sig); from=apple.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO bz3.apple.com) (17.254.13.38)
by mta1106.mail.mud.yahoo.com with SMTP; Thu, 01 Apr 2010 09:16:08 -0700
Received: from apple.com (unknown [17.34.124.17])
by bz3.apple.com (Postfix) with ESMTP id BFE851BBAD651
for <private@yahoo.com>; Thu, 1 Apr 2010 09:16:07 -0700 (PDT)

The first two hops of this email appear to be from Apple-registered IP addresses.

 

[mkruck]

So why did you even bring up the fact that this email could be the result of a security breach when it's been posted that nothing in the email is an attempt to divulge personal information?

Why not? Does it really matter? Is your life going to be irrevocably changed for having read it?

I didn't realize that this was your personal forum.

Everyone is just absolutely spun up about this. If you don't get it Saturday, you'll get it Monday. I'd love to receive my new toy on Saturday as promised, but it's not going to be the end of the world if I have to wait until Monday. Or Tuesday.

Maybe it was the aliens that sent it. Or the NWO. Or insert your favorite conspiracy here...

 

[Aduntu]

Full Headers for the "No delivery on Saturday" Apple emails. Can someone confirm if these are legit?

From APPLE STORE Thu Apr 1 16:13:29 2010
X-Apparently-To: private@yahoo.com via XX.XXX.XXX.XX; Thu, 01 Apr 2010 09:16:08 -0700
Return-Path: <do_not_reply@apple.com>
X-YMailISG: 8sqUvHsWLDuMKTagJ6ZevhXhRDfcwoZOdYgqQ84kxwDGswq6hKKoYcqXbIrDtzhssaXbPYlDDl.zFqr590Fi50TVfX7xAu8EqWpy RNFUfU8n3AEZjLaTW.pNrwt0yZhaEjZnqbftJDAwQUb_m.EZy1a2IxVZR4FG11zMf7vAKA3iNRK5XAQmi68yWjf_l5SU2nUpl.a. FnNncsMnMOdxFWAGxZKsi4P5dYuF60fTK6cTE.6YFfjVQw73XdtwT5PzngBAPJvi.zWa05ZkJnSa4xwiQzyZ0RGcw1KhYH65X5cx AJvIF80XXiUcva04QFn4sM6nGUoZRV5v1F6dFQvovH3XOYM-
X-Originating-IP: [17.254.13.38]
Authentication-Results: mta1106.mail.mud.yahoo.com from=; domainkeys=neutral (no sig); from=apple.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO bz3.apple.com) (17.254.13.38)
by mta1106.mail.mud.yahoo.com with SMTP; Thu, 01 Apr 2010 09:16:08 -0700
Received: from apple.com (unknown [17.34.124.17])
by bz3.apple.com (Postfix) with ESMTP id BFE851BBAD651
for <private@yahoo.com>; Thu, 1 Apr 2010 09:16:07 -0700 (PDT)
Date: Thu, 1 Apr 2010 09:13:29 -0700 (PST)
From: APPLE STORE <Do_not_reply@apple.com>
Subject: RE: Your Apple Order # 71318XXXXX
To: <private@yahoo.com>
Message-ID: <ADR35000004003411@apple.com>
MIME-Version: 1.0
Importance: Normal
X-Priority: 3 (Normal)
X-Mailer: SAP Web Application Server 6.20
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Description: RE: Your Apple Order # 71318XXXXX
Content-Length: 847

bz3.apple.com/17.254.13.38 appears to be one of Apple's mail servers.

These headers match up with other legitimate Apple correspondence.

 

[GregGebhardt]

bz3.apple.com/17.254.13.38 appears to be one of Apple's mail servers.

These headers match up with other legitimate Apple correspondence.

WOW! These scammers/phishing senders must really be good! LOL!

 

[GeekLawyer]

It's not impossible to spoof email headers. I just so skeptical of this whole situation.

 

[GHII]

and it says the email is from 'APPLE STORE', all my apple emails are from 'Apple Store', correct grammar.

 

[GregGebhardt]

and it says the email is from 'APPLE STORE', all my apple emails are from 'Apple Store', correct grammar.

Well then that it it!

Thanks for clearing this all up!

 

[hellodon]

Its not out of the ordinary for Saturday Delivery to NOT be available in certain areas. Apple actually warned of this when I placed the order saying that some areas don't have saturday express delivery. I have received things on Saturday's before so I knew I was okay with that

....so I hate to say it guys, but if you received those e-mails, it's probably legit and you won't get it until Monday.


Check with UPS to see if your zip code has Saturday delivery...

http://www.ups.com/content/us/en/shipping/time/service/value_added/sat_delivery.html

 

[mrdean2]

I received a strange email from do_not_reply@apple.com this morning concerning my iPad order. I am a little worried about my account because iTunes has been asking for my iTunes store password to get my available downloads even though I haven't made any purchases recently. I ignored it for a couple of weeks, but then my wife unknowingly entered my password to "get the available downloads." I'm hoping that wasn't a fake phishing window of some sort that opened pandora's box of email scams for me.

 

[Eye4Desyn]

it was a little odd...

I got the same email. Luckily, I didn't click their link to view/change order status - if this is in fact a malicious message of some sort. What makes it suspect, is the fact that all my other legitimate receipts from via the From columm/header in mail read "Apple Store" vs. "APPLE STORE" <----all caps is very un-Apple, no??...like this alleged phishing mail that was sent to a lot of folks this morning/overnight.

 

[UnseenLlama]

Wow, resurrected this thread again.

The email sent out this morning WAS NOT FAKE. Neither was the email sent at the beginning of April for the original wifi iPad launch.