Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Blueser100

macrumors newbie
Original poster
Oct 11, 2022
24
7
CA
I got a junk (and aggressive, a bit threatening) scam email where the sender spoofed one of my iCloud aliases (that I never use) as both the sender and the recipient. How do they do that? Do they pick up the alias on the dark web (like everything else) or has my Apple iCloud account been compromised? The content of the email was very generic and meant to frighten someone into sending money.
 

Bigwaff

Contributor
Sep 20, 2013
2,766
1,845
one of my iCloud aliases (that I never use) as both the sender and the recipient. How do they do that? Do they pick up the alias on the dark web (like everything else)
Yup. If you’ve ever used it, they’ll find it… or where (web site, service, etc) you have used it, sold it. Or spammer randomly generated it and got lucky.
 

jb310

macrumors 6502
Aug 24, 2017
313
793
where the sender spoofed one of my iCloud aliases (that I never use) as both the sender and the recipient. How do they do that?
Look at the sender address very closely. Are they sending from @ icloud, or is it actually @ Lcloud?

(the L is lowercase to look like the letter I, so you see the sender's domain as @ lcloud instead of @ icloud)
 
  • Like
Reactions: EedyBeedyBeeps

Blueser100

macrumors newbie
Original poster
Oct 11, 2022
24
7
CA
Unfortunately I dumped the email already. But it sure looked like "icloud" but it sure could have been a lowercase L. That would explain a lot. I don't use this email address or any associated aliases anymore, if at all.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.