AfterDawn: News

Malware peddlers target iTunes users with bogus e-mail receipts

PandaLabs, the research arm of Panda Security, has warned that malware peddlers are sending out fake iTunes receipts via e-mail to lure users to download harmful software. The receipt looks authentic but is designed to make a user concerned about the total of the bill so they will click a "report a problem" link.

Clicking the link connects to a .RU site where a user will be asked to download a file. "After clicking the link, the victim is asked to download a fake PDF reader," PandaLabs said. "Once installation is complete, the user is redirected to an infected Web page containing the Zeus Trojan, which is specifically designed to steal personal data. This phishing attack was uncovered shortly after a similar phishing attack targeting LinkedIn users appeared last week, which appears to have originated in Russia."

Pic Source: PandaLabs

PandaLabs is urging users to always be careful of e-mails that may hide harmless-looking but malicious links that could result in a computer becoming infected or personal sensitive information being stolen.

"Phishing is nothing new," said Luis Corrons, technical director of PandaLabs, in a statement. "What never ceases to surprise us is that the techniques used to trick victims continue to be so simple, but the design and content is so very well-orchestrated. It's very easy to fall into the trap. When using services such as iTunes, it is absolutely crucial that users never go to the website via email, but rather from the platform itself where they can verify their account status."

Written by: James Delahunty @ 5 Oct 2010 0:51

• Previous article

• FCC seeks more information from Comcast, NBC Universal over proposed deal

• Next article

• Ballmer: Expect Windows Slates by Christmas

• 7 comments

• stuntman_

  apple customers are stupid enough to fall for this too
  

  
  
  
  

  5.10.2010 01:50 #1

• Zealousi

  Apple is stupid overall, Fail.
  

  5.10.2010 02:42 #2

• ps3lvanub

  I buy things from Apple, like devices and such (but not music), and I got one of these and didn't fall for it. Get off your high horse and stop stereotyping us.
  

  
  
  OMG! COD6 TENTH HACK WITHOUT JTAG!

  5.10.2010 08:52 #3

• ps355528

  hahahahahahahahaha
  

  
  
  irc://irc.villageirc.net/afterdawn

  5.10.2010 11:09 #4

• Dardandec

  Only silly people reply from an email link or button requesting information, whether it looks good or not, got an account from a provider the only rule is to go direct to site thro the web and check your details from there, SIMPLES

  5.10.2010 11:37 #5

• stuntman_

  Originally posted by ps3lvanub: I buy things from Apple, like devices and such (but not music), and I got one of these and didn't fall for it. Get off your high horse and stop stereotyping us. I worked for apple for 6 months trust me man I know how stupid their customers are. I am not saying you are stupid or that all apple customers are stupid. I am just saying from my experience the majority are extremely computer illiterate and would fall for something like this
  

  
  
  
  

  5.10.2010 13:20 #6

• ps3lvanub

  Originally posted by stuntman_: Originally posted by ps3lvanub: I buy things from Apple, like devices and such (but not music), and I got one of these and didn't fall for it. Get off your high horse and stop stereotyping us. I worked for apple for 6 months trust me man I know how stupid their customers are. I am not saying you are stupid or that all apple customers are stupid. I am just saying from my experience the majority are extremely computer illiterate and would fall for something like this Fair enough, I can see your point.
  
  

  
  
  OMG! COD6 TENTH HACK WITHOUT JTAG!

  5.10.2010 15:34 #7