02/27, 3:35pm
New MobileMe scam
MobileMe subscribers are again being targeted in an updated phishing scam, investigation reveals. Similarly to earlier attempts, the scam beings with an e-mail, prompting people to update their credit card information in advance of an upcoming renewal date. A link is provided to log into MobileMe, but in reality it guides users to a different domain -- "http.apple-billing.me.uk" -- which spoofs the design of the Apple online store, and tricks unwitting visitors into sharing credit card data.
more
09/23, 5:25pm
MobileMe phishing scam
Malicious users are again targeting MobileMe customers with a phishing ploy geared towards obtaining credit card information. According to UGN InfoManager, the scam comes in the form of a billing verification email from Apple, which leads users to an official-looking website. The site is hosted on a fraudulent web server, the domain name being klubdna.com, despite the visual resemblances to Apple's MobileMe account page.
more
07/23, 5:55pm
iPhone open to Phishing?
Security researcher Aviv Raff says the iPhone versions of Mail and Safari are vulnerable to URL spoofing, an exploit that could open the door to phishing attacks. Raff says hackers can e-mail specially-designed URL that links to a site that appears to be legitimate. A user might think it is a trusted site like Pay Pal -- but instead the bogus site steals passwords and other information when the user tries to log on. The maliciously crafted URL is (erroneously) recognized by Safari as a "trusted site."
more
05/20, 10:40pm
Apple iTunes targetted
Apple's widely recognized iTunes is being used to lure users to a phishing scam that could allow hackers to obtain private credit card and personal information. The world's most popular music store is being used as part of a series of sophisticated identity theft attacks for the first time, a security company noted on Tuesday. The Computerworld report says that users began receiving spam email messages on Monday telling them that they must correct a problem with their iTunes account; however, the link leads to a third-party site masquerading as an iTunes billing update page: "that phony page asks for information including credit card number and security code, Social Security number and mother's maiden name," the report noted.
more
02/28, 1:50pm
Safari vulnerable to phish
PayPal warns its members to avoid using Safari when making transactions, since it has a distinct lack of protection against phishing – the act of coaxing a user to click on a false link on a false web page for malicious purposes. PayPal users are typical targets for phishing attempts, where the page asks users for their personal login information. Once this information is collected, malicious users have free reign over a compromised PayPal account.
more
