Massive Phishing Attack Targets iTunes Customers

  /     /     /  
Publicated : 22/11/2024   Category : security


Massive Phishing Attack Targets iTunes Customers


Cleverly-crafted email tells users there is a problem with a purchase they havent made, PandaLabs says



Apples popular iTunes platform has become a major target for hackers looking to steal credit card data from the services millions of users, a research lab reports.
According to PandaLabs, victims of the new phishing exploit receive a cleverly crafted email with a
phony receipt
informing them that they have made an expensive purchase on iTunes. The user, having never made the purchase, is concerned by the email and naturally tries to resolve the problem --- by clicking on the proffered fake link.
After clicking the link, the victim is asked to download a fake PDF reader. Once installation is complete, the user is redirected to an infected Web page containing the Zeus Trojan, which is specifically designed to steal personal data. This phishing attack was uncovered shortly after a similar phishing attack targeting LinkedIn users appeared last week, which appears to have originated in Russia.
Phishing is nothing new, said Luis Corrons, technical director of PandaLabs. What never ceases to surprise us is that the techniques used to trick victims continue to be so simple, but the design and content is so very well-orchestrated. Its very easy to fall into the trap. When using services such as iTunes, it is absolutely crucial that users never go to the website via email, but rather from the platform itself, where they can verify their account status.
This new scam has been reported to the Anti-Phishing Working Group, which has started to block some of the Web addresses linked to in the fake email, PandaLabs says.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Massive Phishing Attack Targets iTunes Customers