Be Wary of iPhone Announcements

Spammers will tell you anything to get you to click a link or open a file. They'll even tell you all about that new iPhone that Apple hasn't even announced.

In early October, they took advantage of all the iPhone chatter in a spammed email announcing that the "iPhone 5G S has been released." To make the announcement seem authentic, it appeared to come from news@apple.com.

Considering the excitement that any Apple announcement generates, how could a promise like this not result in plenty of clicks?

The email promises a "fifth generation of perfection” with a “bigger display [and a] transparent mode.” Transparent mode? Think about that! You could play with your phone while walking and still see the street below you if not the truck heading towards you. Or you could set it down on a crowded table and never see it again.

But no such phone has actually been announced. If Apple is actually designing a phone that will be exceptionally easy to lose, they're keeping mum about it.

According to a Technolog article by Athima Chansanchai, those who were fooled by the email were directed to a web site and encouraged to download and open an image file called iphone5.gif. Except that the file was really called iphone5.gif.exe. That double extension is an old malware trick. Windows' standard configuration hides a file's extension, making this particular file look to most users like a harmless picture instead of a dangerous program file.

Running this program will, in fact, display a photo of a transparent phone. But it will also install a malicious program that can send your credit card numbers and other information to a server in Hungary.

Don't doubt for a moment that similar emails will go out in the future. They will. What can you do about it? Keep a healthy skepticism about email. Check a file's real extension before you open it. And keep your anti-virus software up-to-date. Those who were fooled by this ruse and unprotected got infected. Those with Trend Micro's Titanium installed were not.

Subscribe to the Security Watch Newsletter