Phishing Report: Thank you for shopping with us!

by Jon Lober | NOC Technology

Thanks for nothing: taking a closer look at fake iPhone order confirmation emails.

Our IT experts weigh in on a recent iPhone phishing attempt that made it past Gmail's filters.

Have you seen this email (or a version of it)?


As a local IT consulting and cybersecurity firm, it's crucial for us to stay vigilant against online threats, including phishing scams. Recently, our team received a particularly insidious phishing email disguised as an order confirmation for an iPhone purchased through an online marketplace. The email, purportedly from a seller named Jennifer Lackey, included a fake PayPal receipt and appeared to be a legitimate transaction confirmation. In fact, this email looked so good that the individual's spouse called to ask if they'd ordered an iPhone.


However, upon closer inspection, several red flags immediately stood out.


Here's a breakdown of the suspicious elements in the email:


  1. Oddly Capitalized Greeting: While we've redacted the name here, the email begins with a generic greeting: Dear individual's name, formatted strangely and with improper capitalization. If the email recipient had made an online purchase, they would likely use correct capitalization of their own name.
  2. Urgency Tactics: Phishing emails often try to create a sense of urgency to prompt immediate action. In this case, the email mentions an estimated delivery timeframe of 5-7 business days, subtly pressuring the recipient to act quickly without carefully verifying the authenticity of the message.
  3. Lack of Specifics: While the email provides some details about the supposed purchase, such as the product (iPhone), quantity, amount, and order ID, it lacks specific information that would typically be included in a legitimate order confirmation, such as the specific model of iPhone purchased (Apple has released at least 42 models since 2007) shipping address, or tracking information.
  4. Suspicious Payment Method: The email claims that the payment method used for the purchase was "Online Payment," which is vague and doesn't specify a reputable payment service provider. Legitimate businesses typically provide clear information about the payment method used for transactions. The attached "invoice" shows a prominent Paypal logo, but that information is missing from the order confirmation itself.
  5. No Contact Information: Although the email encourages the recipient to reach out with any questions or concerns, it fails to provide any contact information for the supposed customer support team. Legitimate businesses typically include contact details or links to customer support channels for inquiries.



iphone order phishing scam gmail

What to do with a fake iPhone order email.

Given these glaring inconsistencies and red flags, it's evident that this email is a phishing attempt designed to deceive recipients into divulging sensitive information or clicking on malicious links. To protect yourself and others from falling victim to similar scams, here are some steps you can take:


  1. Verify the Sender: Always double-check the sender's email address and look for any signs of impersonation or spoofing. Legitimate businesses usually use domain-specific email addresses, whereas phishing emails may come from suspicious or unfamiliar domains.
  2. Inspect URLs and Attachments: Be cautious of clicking on any links or downloading attachments from unsolicited emails. Hover over hyperlinks to preview the destination URL and ensure they lead to legitimate websites. Similarly, exercise caution when opening email attachments, especially if they're unexpected or from unknown sources.
  3. Report Phishing Attempts: If you receive a suspicious email like the one described above, report it to the appropriate authorities immediately. You can forward phishing emails to organizations like the Anti-Phishing Working Group or the Federal Trade Commission to help combat fraudulent activity and protect others from falling victim to similar scams. For more information on how to report phishing emails, check out our blog post.


By staying informed and vigilant, we can work together to thwart phishing attempts and safeguard our personal and financial information from cybercriminals. Remember, when in doubt, always err on the side of caution and verify the legitimacy of any unexpected or suspicious emails before taking any action.


Stay safe online! If you have any questions about suspicious activity in your inbox, don't hesitate to reach out.

Request Email Fraud Book
Missouri Sheltered Workshops can empower human potential through AI
By Jon Lober April 24, 2025
Embracing the potential of both AI and humans
Tech upgrades that will boost employee safety in sheltered workshops
By Jon Lober April 15, 2025
At NOC Technology, we've worked with Missouri sheltered workshops for over seven years, and I've witnessed firsthand how the right technological implementations can transform sheltered workshop environments. Today, I'd like to share some insights on leveraging modern technology to create safer workspaces while maintaining the dignity and privacy of all participants. The Unique Safety Challenges of Sheltered Workshops Sheltered workshops provide valuable employment opportunities for individuals with disabilities, but they also present unique safety considerations. Workers may have varying levels of physical mobility, cognitive processing, and sensory perception—all of which can impact how they respond to traditional safety measures. Additionally, the production environments often involve machinery, tools, and materials that require careful monitoring and management. The Role of Smart Technology in Safety Advancements in smart technology provide real-time safety monitoring, immediate alerts for potential hazards, and improved emergency response times. Let’s explore some key technologies and their benefits in sheltered workshop environments. Personalized Alert Systems Traditional emergency alarms can be overwhelming for individuals with sensory sensitivities. Smart alert systems can deliver personalized notifications through: Vibrating wristbands that alert workers without auditory overload Visual notification systems with customizable colors and patterns Tablet-based communication for workers who benefit from visual cues Location-specific alerts that only notify those in affected areas We recently implemented a multi-modal alert system at a workshop in central Missouri that reduced anxiety-related incidents during emergency drills by 65% . Environmental Monitoring Maintaining optimal environmental conditions is crucial for both safety and productivity: Temperature and humidity sensors that automatically adjust HVAC systems Air quality monitors that detect potentially harmful particulates Noise level monitoring to prevent sensory overload Automated ventilation systems that activate when chemical levels exceed thresholds These systems not only protect workers but also provide documented compliance with OSHA regulations. Enhanced Supervision through Smart Cameras Security cameras have evolved beyond simple surveillance. Modern systems can: Detect unusual patterns that might indicate a worker in distress Monitor restricted areas without constant staff presence Identify when machinery is being used incorrectly Alert supervisors to potential safety hazards Important note: All camera systems should be implemented with strict privacy protocols and transparent policies. Workers and guardians should be fully informed about what is being monitored and why. In many cases, audio cannot be recorded, and the camera system must be configured to meet this requirement. Wearable Safety Technology Wearable devices offer personalized safety monitoring without stigmatization: Fall detection pendants that automatically alert staff Location tracking that helps locate workers in emergency situations Biometric monitoring for workers with health conditions Proximity sensors that prevent accidental entry into hazardous areas These wearables can be designed to look like standard ID badges or watches, preserving dignity while enhancing safety. Implementation Best Practices Successfully integrating smart technology into sheltered workshops requires careful planning: Involve all stakeholders: Workers, guardians, and staff should participate in selecting and implementing new technologies. Prioritize simplicity: Choose solutions that require minimal training and maintenance. Phase in gradually: Introduce new technologies in stages to allow everyone time to adapt. Balance automation with human oversight: Technology should supplement, not replace, trained staff. Respect privacy: Collect only essential data and maintain strong security protocols.
Could your sheltered workshop benefit from grant funding for new technology?
By Jon Lober April 7, 2025
As a sheltered workshop, you play a crucial role in providing meaningful employment opportunities for individuals with disabilities. However, like any organization, securing funding for technology upgrades can be a challenge. While investing in the right tools can improve efficiency, security, and overall productivity—that’s all only if you can afford the tools in the first place.
More Articles