"Nuisance" tag archive

Phishing emails posing as an Apple "order cancellation" are reportedly circulating

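Phishing emails impersonating Apple are apparently circulating.
Several of the fake sites they lead to were reportedly still up as of 13:30 the same day.
The advisory warns people not to enter their Apple ID, personal information, credit card details and so on at these fake sites.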

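The emails use several subject lines (original strings, with an English gloss where the subject is Japanese):
"Order Confrimations. #[alphanumerics]"
「リマインダ:アカウントロック」 ("Reminder: account lock")
「AppIe: 確認の進捗状況 [日付]」 ("AppIe: verification progress [date]")
「あなたのApple IDでセキュリティを守ります」 ("Protect security with your Apple ID")
「Apple ID アカウントが無効になっています : [日付]」 ("Your Apple ID account has been disabled : [date]")
「Apple IDはセキュリティ上の理由から無効になっています : [数字]」 ("Your Apple ID has been disabled for security reasons : [number]")
「お知らせ:[Apple] Statementアカウントのログインを再開する [日付]」 ("Notice: [Apple] Resume login to your Statement account [date]")
「あなたのApple IDがロックされています」 ("Your Apple ID has been locked")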

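The body is in Japanese and laid out as an invoice. It tells the recipient to cancel the order if they did not make the purchase, and leads them to a fake site through a 「注文をキャンセルする」 ("Cancel order") or 「iTunesの支払いキャンセルフォーム」 ("iTunes payment cancellation form") link.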

Details here:
https://www.antiphishing.jp/news/alert/apple_20170607.html

The advisory also lists the URLs of the fake sites, partially masked.
Be careful.

The email with the subject "PLEASE DO NOT DELETE | ACTION REQUIRED" is spam.

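This is a dumb spam email that says the message does not display correctly, so please view it on the website.
I checked the company name and the site, but the mail is relayed from a completely different place, so I am ignoring it entirely.
The Silverpop software is part of IBM's digital marketing solutions:
a site for managing behavior-based customer insight and engagement.
The aim is presumably to get it installed so that it can be operated remotely. Since it is a customer application that can capture the sender and the content, the scheme looks like a kind of reverse-tracing ware.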

Subject line
Subject: PLEASE DO NOT DELETE | ACTION REQUIRED
Sender
From: Zweig Group
Reply-to address
Reply-To: no-reply@zweiggroup.com
Recipient
(my own address)
Body

To view this mail in a browser, copy http://links.mkt3638.com/servlet/MailView? into your browser.
%%SUBJECT%%PLEASE DO NOT DELETE | ACTION REQUIREDEmail not displaying correctly?
View it in your browser http://links.mkt3638.com/ctt? view_online%%#%%.In an effort to provide a more enhanced and secure experience across the Zweig Network, we are updating the software for all email communications.
If you wish to continue receiving further emails from us, please follow the link below and choose what type of emails you are interested in.EMAIL PREFERENCES http://links.mkt3638.com/ctt?
If no action is taken you will cease to receive emails from Zweig Group.
Thank you for being a part of Zweig Group and feel free to visit our website http://links.mkt3638.com/ctt? and click the chat link in the lower right corner with any questions or problems.
Thanks!
Zweig Team.
Lack of response does not constitute an opt out.Zweig Group http://links.mkt3638.com/ctt?
Hot Firm and A/E Industry Awards Conference http://links.mkt3638.com/ctt?
The Zweig Letter http://links.mkt3638.com/ctt?
Civil + Structural Engineer magazine http://links.mkt3638.com/ctt?
Be sure to check out our new and improved website.
zweiggroup.com http://links.mkt3638.com/ctt?
http://links.mkt3638.com/ctt?k
Follow us on Facebook http://links.mkt3638.com/ctt?
http://links.mkt3638.com/ctt?
Follow us on Twitter http://links.mkt3638.com/ctt?

Copyright © 2016 , All rights reserved.

Our mailing address is:

Zweig Group
PO Box 1528
Fayetteville, Arkansas 72702

We respect your privacy. Click here to Unsubscribe http://links.mkt3638.com/servlet/—

Attachments
None
———————————————
Source
From - Thu Jun 1 08:3 2017
X-Account-Key:
X-UIDL:
X-Mozilla-Status:
X-Mozilla-Status2:
X-Mozilla-Keys:
Return-Path:
X-Original-To: @
Delivered-To: @
Received: from mail3042.zweig.mkt3638.com (mail3042.zweig.mkt3638.com [208.95.133.34])
by mail. with ESMTP id
for <@>; Thu, 1 Jun 2017 06:15:32 +0900 (JST)
Received: by mail3042.zweig.mkt3638.com id for <@>; Wed, 31 May 2017 +0000 (envelope-from )
Date: Wed, 31 May 2017 21: +0000 (GMT)
From: Zweig Group
Reply-To: no-reply@zweiggroup.com
To: @
Message-ID: <.JavaMail.app@rbg53.atlis1>
Subject: PLEASE DO NOT DELETE | ACTION REQUIRED
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="----=_"
x-mid: 17353415
X-CSA-Complaints: whitelist-complaints@eco.de
x-rpcampaign: s
Feedback-ID: pod5_:ibmsilverpop
x-job:
x-orgId:
List-Unsubscribe:
X-EsetId: 7

------=_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

To view this mail in a browser, copy http://links.mkt3638.com/servlet/MailView? into your browser.
%%SUBJECT%%PLEASE DO NOT DELETE | ACTION REQUIREDEmail not displaying correctly?
View it in your browser http://links.mkt3638.com/ctt?view_online%%#%%.In an effort to provide a more enhanced and secure experience across the Zweig Network, we are updating the software for all email communications.

If you wish

———————————————
No attachments
———————————————
Received: from mail3042.zweig.mkt3638.com (mail3042.zweig.mkt3638.com [208.95.133.34])
IPv4 address: 208.95.133.34
IPv4 expanded: 208.095.133.034
IPv4 decimal: 3495920930
Internet service provider: Silverpop Systems
Organization: IBM Corporation
Country name: United States
Country ISO alpha-2 code: US
State: Georgia
City: Atlanta
DMA code: 524
Timezone: America/New_York
Longitude: -84.4635
Latitude: 33.871
Reverse DNS host: mkt3638.com
Reverse DNS pointer: mail3042.zweig.mkt3638.com
Reverse DNS in-addr.arpa: 34.133.95.208.in-addr.arpa domain name pointer mail3042.zweig.mkt3638.com.
Reverse DNS last updated: 1 month, 10 days ago on April 20, 2017, 1:18 am GMT Time
Reverse DNS next check: in 4 months, 18 days on April 20, 2017, 1:18 am GMT Time
Bot/spider: No
Record requests: 1
—————————————————–
Domain Name: zweiggroup.com
Page Response: 120.4 (ms)
Meta Tags:
  Title: Zweig Group – Consulting & Business Services for the AEC Industry
  Description: Consulting & Business Services for the AEC Industry
  Robots: noodp
  Handheldfriendly: True
  Mobileoptimized: 400
  Viewport: width=device-width, initial-scale=1.0
Internet service provider: Media Temple
Organization: Media Temple
Country name: United States
Country ISO alpha-2 code: US
State: California
City: Culver City
DMA code: 803
Timezone: America/Los_Angeles
Longitude: -118.3928
Latitude: 34.0202
Forward DNS primary host: google.com (ALT4.ASPMX.L.GOOGLE.com)
Forward DNS expanded data:
  zweiggroup.com has address 216.70.123.134
  zweiggroup.com mail is handled by 5 ALT2.ASPMX.L.GOOGLE.com.
  zweiggroup.com mail is handled by 10 ALT3.ASPMX.L.GOOGLE.com.
  zweiggroup.com mail is handled by 1 ASPMX.L.GOOGLE.com.
  zweiggroup.com mail is handled by 5 ALT1.ASPMX.L.GOOGLE.com.
  zweiggroup.com mail is handled by 10 ALT4.ASPMX.L.GOOGLE.com.
Forward DNS last updated: 1 month, 10 days ago on April 20, 2017, 1:19 am GMT Time
Forward DNS next check: in 4 months, 18 days on April 20, 2017, 1:19 am GMT Time
Reverse DNS in-addr.arpa: No valid reverse DNS record has been found at this time.
Reverse DNS last updated: 0 seconds ago on May 31, 2017, 11:55 pm GMT Time
Reverse DNS next check: in 1 day on May 31, 2017, 11:55 pm GMT Time
————————————————————–
Domain Name: eco.de
Page Response: 208.02 (ms)
Meta Tags:
  Title: eco – Verband der Internetwirtschaft e.V. | Verband der Internetwirtschaft e.V.
  Description: Verband der Internetwirtschaft e.V.
Internet service provider: Host Europe GmbH
Organization: Host Europe GmbH
Country name: Germany
Country ISO alpha-2 code: DE
State: North Rhine-Westphalia
City: Hoest
Timezone: Europe/Berlin
Longitude: 6.1833
Latitude: 51.65
WHOIS last updated: 1 month, 9 days ago on April 21, 2017, 2:31 am GMT Time
WHOIS data: No valid WHOIS data was available at the time of the initial request.
Forward DNS primary host: de-cix.net (relay5.de-cix.net)
Forward DNS expanded data:
  eco.de has address 178.77.101.60
  eco.de mail is handled by 10 relay6.de-cix.net.
  eco.de mail is handled by 10 relay5.de-cix.net.
Forward DNS last updated: 1 month, 10 days ago on April 20, 2017, 1:28 am GMT Time
Forward DNS next check: in 4 months, 18 days on April 20, 2017, 1:28 am GMT Time
Reverse DNS host: eco.de
Reverse DNS pointer: www.eco.de
Reverse DNS in-addr.arpa: 60.101.77.178.in-addr.arpa domain name pointer www.eco.de.
Reverse DNS last updated: 1 month, 10 days ago on April 20, 2017, 1:28 am GMT Time
Reverse DNS next check: in 4 months, 18 days on April 20, 2017, 1:28 am GMT Time
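
The comparison made in this post (the company the mail claims to come from, versus the host that actually relayed it and the hosts its links point to), as an added Python example that is not part of the original post. The sample message is constructed from the header and body lines quoted above; the receiving host name mx.example.test and the function names are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample: header and body lines quoted in the post, with the
# redacted fields left out. "mx.example.test" is a placeholder for the
# receiving server, whose name is not shown on the page.
RAW = """\
Received: from mail3042.zweig.mkt3638.com (mail3042.zweig.mkt3638.com [208.95.133.34])
\tby mx.example.test with ESMTP; Thu, 1 Jun 2017 06:15:32 +0900 (JST)
From: Zweig Group
Reply-To: no-reply@zweiggroup.com
Subject: PLEASE DO NOT DELETE | ACTION REQUIRED

View it in your browser http://links.mkt3638.com/ctt?view_online
zweiggroup.com http://links.mkt3638.com/ctt?
"""

RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)")
URL_RE = re.compile(r"https?://[^\s<>\"]+")

def base_domain(host):
    # Naive registrable domain (last two labels). Assumption: good enough for
    # the .com names here; use a Public Suffix List for names like x.co.jp.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def analyze(raw):
    msg = message_from_string(raw)
    claimed = base_domain(parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2])
    # The topmost Received header is written by the receiving server, so its
    # bracketed IP is the one value the sender cannot choose freely.
    m = RECEIVED_RE.search(msg.get_all("Received", [""])[0])
    relay_host, relay_ip = (m.group(2), m.group(3)) if m else ("", "")
    hosts = {urlsplit(u).hostname for u in URL_RE.findall(msg.get_payload())}
    link_domains = sorted({base_domain(h) for h in hosts if h})
    return {
        "claimed_domain": claimed,
        "relay_host": relay_host,
        "relay_ip": relay_ip,
        "relay_matches_claim": base_domain(relay_host) == claimed,
        "link_domains": link_domains,
        "links_off_domain": [d for d in link_domains if d != claimed],
    }

if __name__ == "__main__":
    for key, value in analyze(RAW).items():
        print(f"{key}: {value}")
```

A mismatch here is a triage signal rather than a verdict, since mail sent through a third-party mailing platform produces the same pattern; SPF, DKIM and DMARC results in the received headers are the next thing to check.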

There was a warning about ransomware scam phone calls

About scam phone calls that falsely claim a ransomware infection. Just when I was thinking that could never happen:
apparently the caller stirs up anxiety by saying "Your computer is infected with ransomware."
So that is how it works.
The calls are meant to get people to reveal their bank account number and PIN.
The Metropolitan Police Department says, "It is all a lie. Never comply with the caller's demands."
Never comply with the caller's demands, they say.

Details
http://www.keishicho.metro.tokyo.jp/kurashi/cyber/joho/ransomware.html