Phishing Attacks on Apple’s iTunes Users
Proofpoint, the communications security organization, detected a spoofed phishing message exploiting Apple's name and said on May 19, 2008 that people were receiving spam mails that told them to rectify an issue related to their iTunes account.
The spam mail contains a link that directs the user to a website pretending to display an updated iTunes billing page. This phony page asks for the user's information, such as credit card number, security code, mother's first name, and Social Security number.
According to Andrew Lochart, an executive at the e-mail security company Proofpoint, the theft is an attempt to introduce a new twist to regular phishing attacks, as reported by IDG on May 21, 2008.
Meanwhile, security companies and their researchers have become almost accustomed to regular company brands like eBay, PayPal and Citibank being subjected to attack. But finding Apple as a phishing target is new for these security firms. Ironically, the latest phishing scheme almost serves as a compliment.
Further, according to Lochart, the incident probably indicates that the con artists find Apple's presence on the Internet so prominent that it could be turned into a profitable target. Lochart said that this prominence has largely emerged from the recent success that Apple is enjoying.
Researchers at Proofpoint also think that the fraudsters targeted iTunes users because the service was widely used and accepted.
Lochart said that he wondered whether the fraudsters think that users of iTunes are younger than the users of other spoofed organizations like eBay or banks. The manner in which young adults or teenagers use the Internet is indicative of the level of openness and trust they show on sites while posting their private information.
Although people might overlook the falsity of the spam's link to the fake iTunes page, the URL clearly shows that it does not belong to the legitimate iTunes domain. However, researchers at Proofpoint believe that if the new phishing expedition does not yield any response, the attackers might revert to the more conventional phishing brands.
» SPAMfighter News - 29-05-2008