Fake iTunes Gift Voucher Carries Malware
Online security experts Sophos has informed about a bogus iTunes certificate that circulates malware. The phony mail that seems to have come from Apple informs that the user has got an iTunes gift certificate of $50.
The fake mail informs the user to get the certificate code in a .ZIP file attached with the mail.
The message also informs the users that they can claim the gift certificate and start purchasing music and other things from the iTunes Stores with the help of the certificate code apparently contained in a file attached to the mail.
But, the security officials claimed that the mail is not from iTunes and the claim of $50 gift certificates is only for luring users into opening the attachments with the mails. A user who opens the attachment will obviously not get any certificate code. Rather, on clicking the attachment, the user will install a malicious application that enables the installation of a Trojan program on the user's system.
After installation, this Trojan can change the Windows registry, allows the hackers to gain access to the infected system by connecting to a remote server, and download extra malware components. Sophos finds the malware embedded in a ZIP file as Mal/FakeAV-BW and Troj/BredoZp-AM.
Graham Cluley, Sopho's security researcher, stated that the excitement of receiving $50 iTunes gift certificate would make the users careless and they would open the attachment, as per the news published by NetworkWorld on May 10, 2010.
Besides Sophos, security company Trend Micro also cautioned against the scam. Trend Micro recommends the users not to open unfamiliar mails and to be careful while opening their attachments. Further, the security company recognized several recent scams that seem to have come from Apple which also includes the one offering free of cost iPads.
In addition, another security firm Bitdefender also traced a similar kind of scam in late April 2010. The security firm informed that an unfamiliar mail was circulating asking users to install the recent versions of iTunes as a prerequisite to update their iPad software. On clicking on the link, backdoor malware gets installed on user's system.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 20-05-2010