PDA

View Full Version : Phishing fraudsters target Apple


MacBytes
Jan 17, 2006, 08:45 AM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: Apple Services
Link: Phishing fraudsters target Apple (http://www.macbytes.com/link.php?sid=20060117094548)
Description:: Email fraudsters are targeting Apple fans in a change of tactic from standard phishing attacks.

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

winmacguy
Jan 17, 2006, 11:42 AM
Has anyone been hit by this yet?

Passante
Jan 17, 2006, 12:03 PM
I read the article and could not tell if they were reporting something or just passing fud

joepunk
Jan 17, 2006, 12:38 PM
Have not been targeted yet. Although I do get emails for free apple stuff but I guess that just counts as regular junk mail.

winmacguy
Jan 17, 2006, 01:03 PM
I read the article and could not tell if they were reporting something or just passing fud
I dont think they are passing any FUD with this one. I know OSX is secure but there is nothing to stop a naive user from putting their iTMS account details into a bogus email in order to 'confirm' user information :rolleyes: No computer system in the world is going to keep hackers out when the idiot user is giving away confidential information for free :eek:

iMeowbot
Jan 17, 2006, 01:15 PM
Yep, that's the gist of it. If you get mail from Apple, make sure it's really from Apple. I found one of these in junk a few days ago but it's toast now.

winmacguy
Jan 18, 2006, 01:18 AM
Here's what happens
Bogus emails claiming to be from the Apple Store that request customer account information are in circulation.

These so called "phishing" attacks claim to be from the store. They tell recipients about orders the recipients have not placed, asking that they click on a link to download something to read the email.

If an unsuspecting user clicks on the link, some reports claim a virus is downloaded, while The Register reports the spammers gather personal information about their victim, leaving their accounts wide open to fraud.

One example email seen by Macworld is titled: "Your order #134835 has been accepted for the amount 779.00$". The order claims to be for a digital camera.

It reads: "Thank you for shopping with us", and threatens that a user's credit card will be charged with that amount, asking that they click on a link within the email if they want to check or cancel the order.

Macworld UK reader Marc Berry explained: "My Mum received an email (that appeared to be) from the Apple Store saying she had brought a digital camera. It then asked you download something to look at the order which she was hesitant in doing as she never placed the order. She called Apple Store this morning and they said they had received a number of calls today about this, and told her to permanently delete the email from her inbox and then from the deleted items folder."

The new scam seems very similar to eBay and bank phishing scams that have been widely seen online.

While most experienced Internet users should recognise the email as dubious, unsuspecting or less experienced users may fall for it.


So it looks like it is more likely to affect the millions of PC owning iTunes users rather than the Mac using contingent. Who would have thought...:rolleyes:

sjk
Jan 18, 2006, 02:39 PM
I've noticed an increase in this type of phishing scam the past few months but don't remember offhand if the messages were addressed to appear to be from Apple. They're caught by my junk filter and I've just been deleting them. I'm not even sure where's best to report this stuff anymore (maybe Anti-Phishing Working Group (http://www.antiphishing.org/)?), plus (AFAIK) Apple Mail can't forward messages as attachments anyway so it's not been worth my time and trouble to investigate further. But I do occasionally warn inexperienced users to be aware and beware, without overwhelming them with technical details. That's a futile effort with some people who seem stubbornly resistant to understanding, even with clear and simple information, and might choose to overreact with generalized fear instead.