September 23 - 5:25pm EDT  Malicious users are again targeting MobileMe customers with a phishing ploy geared towards obtaining credit card information. According to UGN InfoManager, the scam comes in the form of a billing verification email from Apple, which leads users to an official-looking website. The site is hosted on a fraudulent web server, the domain name being klubdna.com, despite the visual resemblances to Apple's MobileMe account page. [full story]

July 23 - 5:55pm EDT   Security researcher Aviv Raff says the iPhone versions of Mail and Safari are vulnerable to URL spoofing, an exploit that could open the door to phishing attacks. Raff says hackers can e-mail specially-designed URL that links to a site that appears to be legitimate. A user might think it is a trusted site like Pay Pal -- but instead the bogus site steals passwords and other information when the user tries to log on. The maliciously crafted URL is (erroneously) recognized by Safari as a "trusted site." [full story]

May 20 - 10:40pm EDT   Apple's widely recognized iTunes is being used to lure users to a phishing scam that could allow hackers to obtain private credit card and personal information. The world's most popular music store is being used as part of a series of sophisticated identity theft attacks for the first time, a security company noted on Tuesday. The Computerworld report says that users began receiving spam email messages on Monday telling them that they must correct a problem with their iTunes account; however, the link leads to a third-party site masquerading as an iTunes billing update page: "that phony page asks for information including credit card number and security code, Social ... [full story]

February 28 - 1:50pm EST   PayPal warns its members to avoid using Safari when making transactions, since it has a distinct lack of protection against phishing – the act of coaxing a user to click on a false link on a false web page for malicious purposes. PayPal users are typical targets for phishing attempts, where the page asks users for their personal login information. Once this information is collected, malicious users have free reign over a compromised PayPal account. [full story]