News
iTunes users targeted in phishing scam
Users of iTunes are the targets of a new phishing scam, according to e-mail security vendor Proofpoint. Computerworld reports that users began receiving spam messages yesterday informing them that they must correct a problem with their iTunes account. The enclosed link leads to a site posing as an iTunes billing update page where users are asked for information including their credit card number, security code, Social Security number, and mother’s maiden name. “We’ve gotten used to seeing the usual companies and brands attacked,” said Andrew Lochart, an executive with Proofpoint, “like PayPal, eBay and Citibank. But we’ve never seen Apple as the target.” Lochart said the campaign is likely a result of Apple’s growth, adding, “It’s probably indicative that the bad guys see Apple’s online presence as large enough to be a target. It’s part and parcel of the success that Apple has enjoyed lately.”
Lochart also said the identity thieves possibly aimed the attack at iTunes users due to the service’s youth-skewing demographics. “I wonder if the bad guys are thinking that [iTunes users] are younger than those for some of the other phished sites, like banks and eBay,” he said. “The way that teenagers and young adults use the Internet, they show a certain level of trust or openness when they post their name and age and school on MySpace.” Despite the threat, the scammers have “actually done a pretty poor job,” said Lochart, as the URL is clearly not part of an official Apple domain.
Related Stories
- Apple censors ‘jailbreak’ on iTunes Store
- Report: Siri APIs, Siri for iPad coming in iOS 6?
- Apple hit with class action suit over iTunes billing
- iTunes Match rolls out to several new countries
- Apple offers eBook settlement in Europe
- Apple responds to DOJ eBook antitrust suit
Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- Seidio unveils Expert Portfolio Case for iPad
- Google Search app for iPhone gets major redesign
- Miniot debuts Pouch for iPhone 4, 4S
- Mint.com app adds budget editing, split transactions
- Apple SVP Jonathan Ive receives knighthood
- Photo of the Week: iPhone 4S at Fenway
- INRIX Traffic adds Personalized Traffic, Map Enhancements
- Total Baby now universal, improves timer features
- DropCloud gets new name, live updates and inline previews
- Purported iPod touch 5G panel points to larger screen
Recent Reviews
- dreamGEAR i.Sound Power View Pro S 2.1A Dual Charging Dock
- dreamGEAR i.Sound Universal Power View
- Sena Cases Florence Portfolio for iPad (3rd-Gen)
- Mipow Power Tube 5500 + Power Tube Shake 2600
- Scosche Realm RH656m / RH656md Headphones
- Sena Cases Folio II for iPad (3rd-Gen)
- Bowers & Wilkins P3 Headphones
- iBattz Mojo Treble Keychain Cable with Card Reader
- Hex Code Folio for iPad 2 + iPad (3rd-Gen)
- Moshi Origo for iPad 2/iPad (3rd-Gen)
Recent Articles
- Consolidating Multiple iTunes Libraries
- Converting Purchased Videos to 1080p HD
- Find My Friends always reports home location
- Creating an iTunes Match library from an external hard drive
- Benefits of keeping apps in iTunes when using iCloud
- Recovering iTunes from an External Hard Drive
- Normalizing volume levels for Voice Memos
- Replacement iPod nano not appearing in iTunes 9
- iOS Gems: ABC House, Kotomon, Luxor Evolved HD, N.O.V.A. 3 + Trucks HD
- Audiobooks and iTunes Match
1
Mr. Starrett,
I have received some of the emails dating back to the summer of last year. The key way to tell if it is fake is that the email address is not .(JavaScript must be enabled to view this email address), and the URL like you said is clearly not an official Apple Domain. I called Apple during the Holiday season and told them about it, and they said they would look into it.
Anyways, glad the media finally knows about it.
Posted by Drew on May 21, 2008 at 1:48 PM (PDT)
2
i’ve never had an itunes account and never open emails that i don’t recognize, however, fortunately, i check my bank accounts daily and discovered that somehow over $500.00 in charges for i-tunes showed up on my checkcard. i’ve never even visited i-tunes and even if i had i wouldn’t have ordered that much stuff from any download site!
i never received an email from i-tunes, phony or not. somehow, someone got that checkcard number and used it. the phone number associated with the fraud is a recording and useless. i-tunes refuses to acknowledge that someone out there is using them as a front for fraud. the media doesn’t seem to be interested either.
Posted by labby on September 17, 2008 at 10:34 AM (PDT)
3
I just downloaded what I thought was itunes and found that it asked for a small fee to download. I have never delt with Apple before so did not know better. I gave my credit card number and got the iTunes software. I decided to check out wht I had to pay for this and found that I had been redirected to a site in the Netherlands who charged my account $35.01. I had to cancel my credit card and am now wondering just what I downloaded. Anyone heard of this one?
Capitol One said they are getting quite a few calls about fraud of Apple and Yahoo.
Thanks Gary
Posted by Gary Mc on October 27, 2008 at 2:48 PM (PDT)
4
I lost $4300 , some one used check card to buy the itunes. I sent an email to apple itune store they said lets the bank talk to us regarding this fraud. I don’t know whether I will get my money back or not. There is no security at on line store. There should be some rule which should not allow more than some dollar amount. In many big companies or online store they have that rules, apple is such concern they don’t have such rule engine to verify the same card used for many times.
Posted by KSP on March 6, 2009 at 2:56 PM (PDT)