https://daringfireball.net/linked/2026/03/14/mullenweg-apple-account-phishing
@gruber I’m late to the game here, but worth noting that Apple does have a few “whatever-apple.com” URLs (e.g., “appleid.cdn-apple.com”). Not necessarily user-facing in my experience, but it means it’s not entirely implausible that “audit-apple.com” could have been real.
(Apple maintains a list of its legitimate domains for network administrators, for anyone curious.)
https://jagsworkshop.com/2026/03/matt-mullenweg-almost-phished/

Matt Mullenweg, of WordPress fame (and infamy), was almost phished in a sophisticated scheme that used Apple’s own support structure to enable the diabolical attack:

What made the attack impressive was the next move: The scammers actually contacted Apple Support themselves, pretending to be me, and opened a real