macnn

05/20/2008, 10:40pm, EDT

Tuesday, May 20th

New phishing scam targets Apple's iTunes users

Apple's widely recognized iTunes is being used to lure users to a phishing scam that could allow hackers to obtain private credit card and personal information. The world's most popular music store is being used as part of a series of sophisticated identity theft attacks for the first time, a security company noted on Tuesday. The Computerworld report says that users began receiving spam email messages on Monday telling them that they must correct a problem with their iTunes account; however, the link leads to a third-party site masquerading as an iTunes billing update page: "that phony page asks for information including credit card number and security code, Social Security number and mother's maiden name," the report noted.

There have, however, been previous reports of "bogus" electronic iTunes certificates, scams targeting .Mac users with an email saying that Apple purportedly was unable to process their most recent payment, and phishing scams targeting Apple users, but Apple has not setup a specific email for users to report the problem, but provides some (very basic) information on Identifying phishing emails.

Phishing scams often target banks, where personal information can be used to steal a victim's identity and even take money from their accounts; however, the new scam is a new twist on the usual phishing attack, said Andrew Lochart, an executive with e-mail security vendor Proofpoint Inc. "We've gotten used to seeing the usual companies and brands attacked," he said, "like PayPal, eBay and Citibank. But we've never seen Apple as the target."

Lochart said the phishing campaign is likely being used because of its popularity and reach among users -- "that the bad guys see Apple's online presence as large enough to be a target." But he also noted that the demographics of iTunes users may also be part of the target.

"I wonder if the bad guys are thinking that [iTunes users] are younger than those for some of the other phished sites, like banks and eBay," he told the publication. "The way that teenagers and young adults use the Internet, they show a certain level of trust or openness when they post their name and age and school on MySpace."


Filed under: security
Other story tags: iTunes, phishing

, , comment, del.icio.us, slashdot, digg, buzz


post a comment
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
Be the first to post comments on this story.
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

MacNN iPodNN Electronista
top searches
1. apple
2. iphone
3. apple TV
4. ipod
5. mac
6. BBC
7. icons
8. icon
9. macbook
10. leopard
search for more ..
RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News
Turn your laptop into CASH: Sell us your used laptop. Working or not. Get money FAST. Instant online quote. Shipping is FREE.

Convert PDF to Word for Mac: Easily Convert PDF to Word Doc, Excel, and More. Fast and Accurate. No Registration Trial

Check Out the VIERA from Panasonic!: Enter a New Visual Era with Panasonic VIERA HDTVs. An Enhanced Experience.

LANDesk® Made for Mac: Native Macintosh® Support. Pricing & Free Trial Download.

Used Macs - Low Prices: Apple Macintosh computer supplies and Mac accessories. Everything you need for your Mac. Used Mac systems and hardware at value prices. Buy online. Check frequently for the best deals.

The All-New BlackBerry: No Need To Change Wireless Plans. BlackBerry Has Everything You Need.

Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.