Be wary, phishers targeting iTunes users

For the first time in Apple’s history, an Apple program is the target of a Phishing scam. Recently, thousands of iTunes users have received fraudulent emails, asking them for personal information including credit card numbers, Social Security numbers, mother’s maiden name, and more. Andrew Lochart of Proofpoint, inc. expressed his surprise with the attempt. “We’ve gotten used to seeing the usual companies and brands attacked,” he said, “like PayPal, eBay and Citibank. But we’ve never seen Apple as the target”. For Apple, the Phishing attempt should in a way come as a complement, as Phishers would never bother with a small-time site. Apple’s recent success in both the music industry and computer industry can be blamed as the reason for the attack.

Another speculation by Lochart as to the reasoning behind the attempts is the (assumed) demographic of iTunes users. The attackers probably assumed that the average iTunes user would be the highly trusting, technologically inept teenager, willing to share things such as the sensitive info requested. “I wonder if the bad guys are thinking that [iTunes users] are younger than those for some of the other phished sites, like banks and eBay,” said Lochart. “The way that teenagers and young adults use the Internet, they show a certain level of trust or openness when they post their name and age and school on MySpace.”

Lochart says that the spammers have actually done a pretty poor job of disguising the scam, but still, be wary of emails, that, due to their content, may be overlooked by spam filters.

Via [Computer World]