A notebook of ideas for hacking, etc,,,

Contents

The message looked like this:
Return-Path: <noreply@applevis.com>
X-Original-To: xxxxxx@example.com
Delivered-To: xxxxxx@example.com
Received: from xxxxxx.xx.example.com (xxxxxx.xx.example.com [xxx.xx.xxx.xxx])
	by xxx.xx.example.com (Postfix) with ESMTP id xxxxxxxxxxxx
	for <xxxxxx@example.com>; Sat, 21 May 2016 xx:xx:xx +0900 (JST)
Received: from xxxxx.xx.example.com (unknown [xx.x.xxx.x])
	by xxxxxx.xx.example.com (Postfix) with ESMTP id xxxxxxxxxxxx
	for <xxxxxx@example.com>; Sat, 21 May 2016 xx:xx:xx +0900 (JST)
Received: from mck1p (mck1p [xx.x.xxx.x])
	by xxxxx.xx.example.com (Postfix) with ESMTP id xxxxxxxxxxxx
	for <xxxxxx@example.com>; Sat, 21 May 2016 xx:xx:xx +0900 (JST)
Received: from xxxxxx.xx.example.com (xxx.xx.xxx.xx)
 by xxxxx (F-Secure/virusgw_smtp/410/xxxxx);
 Sat, 21 May 2016 xx:xx:xx +0900 (JST)
X-Virus-Status: clean(F-Secure/virusgw_smtp/410/xxxxx)
Received: from smtp2.chr.co.th (smtp2.chr.co.th [58.137.229.209])
	by xxxxxx.xx.example.com (Postfix) with ESMTP id 9FD20250E1D
	for <xxxxxx@example.com>; Sat, 21 May 2016 xx:xx:xx +0900 (JST)
Received: from Wlndows1 (unknown [13.85.70.121])
	by smtp2.chr.co.th (Postfix) with ESMTP id A11D7BF18C2
	for <xxxxxx@example.com>; Sat, 21 May 2016 xx:xx:xx +0700 (ICT)
MIME-Version: 1.0
From: InApple <noreply@applevis.com>
To: xxxxxx@example.com
Reply-To: InApple <noreply@applevis.com>
Date: 20 May 2016 xx:xx:xx +0000
Subject: xxxxxxxxxxx
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
Message-Id: <20160520xxxxxx.xxxxxxxxxxx@xxxxxx.xx.example.com>
Imagine similara <https://www.google.ro/imgres?imgurl=http%3A%2F%2Ficons.iconarchive.com%2Ficons%2Figh0zt%2Fios7-style-metro-ui%2F512%2FMetroUI-Folder-OS-OS-Apple-icon.png&imgrefurl=https%3A%2F%2Fwww.neuronext.org%2Fpatients-families&docid=xxxxxxxxxxxxxx&tbnid=xxxxxxxxxxxxxxxxx&w=512&h=512&bih=949&biw=1680&ved=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&iact=c&ictx=1>             Apple Management

Hello xxxxxx@example.com,
We're letting you know that you need to confirm your Profile Details.

You can Continue and Sign in to review your Profile Details.

Continue and Sign in <http://mysphereinfotech.com/victorious.php?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>

Thank you,

Apple Community Center!

Apple, the Apple logo, and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries. Touch ID is a trademark of Apple Inc.

Security Icon 	  This email was scanned by Norton Security Scan!

This is a service email from iApple. Please note that you may receive service emails in accordance with your agreements, whether or not you elect to receive promotional email.
Please don't reply directly to this automatically generated email message.
iApple Email, NC51-028-029-01, 152 N College St., Charlotte, NC 228255

&#169; 2016 iApple . All rights reserved.
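I don't even use Apple products, you idiots!

Well, it is obviously phishing.
If the sender clumsily planted a virus or the like and got filtered by security software,
victims would never get as far as being fooled into entering their ID and password,
so, thinking about it normally, the risk of opening the link directly should be low.
Still, I somehow didn't like the idea, so I checked it via modern.ie, and
sure enough, what you see is an Apple icon and an Apple ID sign-in screen.
Genuine / Fake
Well, it's nicely made.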

Even the mighty VirusTotal does not flag it as phishing: detection rate 0/67.
On aguse, the only hit is the Barracuda Central blacklist, which just barely catches it.


gred lets it straight through.


I had a look at the Council of Anti-Phishing Japan (フィッシング対策協議会) page, but
this is a different type from their "Phishing impersonating Apple (2016/05/20)" entry.
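
The mismatches visible in the message quoted above (Apple branding with a non-Apple sender domain, a sign-in link on a third domain, and a first hop that announces itself as `Wlndows1`) can be checked mechanically even when URL scanners return nothing. The following Python is an added example, not part of the original post; the `BRANDS` table, the `org_domain` and `triage` helpers and the cut-down sample message are assumptions made for illustration.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

# Constructed sample: a cut-down plain-text copy of the message quoted above
# (dates dropped, redacted values replaced by placeholders, URL query removed).
SAMPLE = """\
Received: from smtp2.chr.co.th (smtp2.chr.co.th [58.137.229.209])
\tby mx.example.com (Postfix) with ESMTP id 9FD20250E1D
Received: from Wlndows1 (unknown [13.85.70.121])
\tby smtp2.chr.co.th (Postfix) with ESMTP id A11D7BF18C2
From: InApple <noreply@applevis.com>
To: user@example.com
Content-Type: text/plain; charset=utf-8

Apple Management
Continue and Sign in <http://mysphereinfotech.com/victorious.php>
Apple Community Center!
"""

# Assumption: brand keyword -> domains that brand legitimately sends from.
BRANDS = {"apple": {"apple.com", "icloud.com"}}

def org_domain(host):
    # Naive registrable domain (last two labels); no public-suffix list.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def triage(raw):
    msg = email.message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0]
    body = msg.get_body(preferencelist=("plain", "html")).get_content()
    findings = []
    # 1. Brand named in display name or body, but sender domain is not the brand's.
    text = (sender.display_name + " " + body).lower()
    for brand, legit in BRANDS.items():
        if brand in text and org_domain(sender.domain) not in legit:
            findings.append("brand-sender-mismatch:" + brand)
    # 2. Links that lead somewhere other than the sender's own domain.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = urlparse(url).hostname or ""
        if org_domain(host) != org_domain(sender.domain):
            findings.append("link-off-sender-domain:" + host)
    # 3. Last Received header = oldest hop; flag a HELO name that is not an FQDN.
    hop = re.search(r"from\s+(\S+)\s+\((\S+)\s+\[([^\]]+)\]\)",
                    str(msg.get_all("Received", [""])[-1]))
    if hop and "." not in hop.group(1):
        findings.append("origin-helo-not-fqdn:%s[%s]" % (hop.group(1), hop.group(3)))
    return findings
```

Calling `triage(SAMPLE)` returns one finding per check; a message whose sender, links and first hop all line up returns an empty list.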
