by Gregg Keizer, Computerworld
Phishers have targeted users of Apple’s iTunes music store with sophisticated identity theft attacks for the first time, a security company said Tuesday.
People began receiving spammed messages Monday telling them that they must correct a problem with their iTunes account, said Andrew Lochart, an executive with e-mail security vendor Proofpoint Inc.
A link in the spam leads to a site posing as an iTunes billing update page; that phony page asks for information including credit card number and security code, Social Security number and mother’s maiden name.
The theft attempt is a new twist on the usual phishing attack, said Lochart. “We’ve gotten used to seeing the usual companies and brands attacked,” he said, “like PayPal, eBay and Citibank. But we’ve never seen Apple as the target.”
In a way, said Lochart, the phishing campaign is almost a compliment. “It’s probably indicative that the bad guys see Apple’s online presence as large enough to be a target. It’s part and parcel of the success that Apple has enjoyed lately.”
Read more..
