Phishers have targeted users of Apple Inc.'s iTunes music store with sophisticated identity theft attacks for the first time, a security company said Tuesday.
People began receiving spammed messages Monday telling them that they must correct a problem with their iTunes account, said Andrew Lochart, an executive with e-mail security vendor Proofpoint Inc.
A link in the spam leads to a site posing as an iTunes billing update page; that phony page asks for information including credit card number and security code, Social Security number and mother's maiden name.
The theft attempt is a new twist on the usual phishing attack, said Lochart. "We've gotten used to seeing the usual companies and brands attacked," he said, "like PayPal, eBay and Citibank. But we've never seen Apple as the target."
In a way, said Lochart, the phishing campaign is almost a compliment. "It's probably indicative that the bad guys see Apple's online presence as large enough to be a target. It's part and parcel of the success that Apple has enjoyed lately."
Lochart also speculated that the identity thieves aimed the new attack at iTunes users because of the service's perceived demographics. "I wonder if the bad guys are thinking that [iTunes users] are younger than those for some of the other phished sites, like banks and eBay," said Lochart. "The way that teenagers and young adults use the Internet, they show a certain level of trust or openness when they post their name and age and school on MySpace."
On one hand, Lochart added, young people who grew up with the Internet are considered technologically savvier than their elders. "But then you see the way they use something like MySpace in a way that's considered risky behavior."
Although the phoniness of the link to the bogus iTunes account page might be overlooked in the spam e-mail, the URL is clearly not part of the official iTunes domain. "They've actually done a pretty poor job," Lochart, said of the phishers.
For more enterprise computing news, visit Computerworld. Story copyright © 2007 Computerworld Inc. All rights reserved.
- Sponsored Resource:Are you ready for virtualization? Try the sever assessment tool.
- Sponsored Resource:Stay at home servers. Learn more about a home server for your family.
- Sponsored Resource:Get the communications, data, and security a business needs in one neat package. Learn more.
- Sponsored Resource:Learn more about ultra light notebooks from Asus and the best warranty in the industry.
- Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
- Sponsored Resource:Get the truth about remanufactured ink. Learn more from HP.
- Sponsored Resource:Six smart ways to grow small business IT
News For Your Business
- OS X Virus Described
- Top Spammer Sentenced to Nearly Four Years
- Colorado 'Spam King' Walks Away From Prison Camp
- Norton 2009 to Speed Up Malware Screening
- Judge Puts off 'spam King' Sentencing
Community Comments