CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 14th, 2008

Apple MobileMe Users Are Attacked By Phishing Scam

A new phishing attack is circulating via email messages and targets Apple MobileMe users. These messages claim that there is a problem with the user’s billing information and instruct the user to follow a web link to update personal information. Clicking on this link directs the user to a web page that contains a seemingly legitimate web form requesting personal and financial information. Any information entered in this form is sent not to Apple but to a malicious attacker.

Hundreds of Mac users have already been deceived by this phishing scam, according to data obtained by CardCops, a credit card protection service owned by the Affinion Group. Sensitive information belonging to several hundred people with Mac.com email addresses is being traded in underground forums frequented by identity thieves. The details include social security numbers, birth dates, mothers’ maiden names, credit card numbers and other sensitive information. This event coincided with the glitches in the roll-out of Apple’s MobileMe service.

The information was phished using emails that began circulating around the same time Apple began its ill-fated transition from Mac.com to Me.com. The scams bore subjects such as “Billing problem.” The phishing email purporting to come from Apple looks clean and sleek, the text courteous and professional, hardly the kind that instantly gives away an email as a fake or scam. Below is a screenshot of the said email:

A number of links in the email body direct the victim to legitimate Apple pages, and only one link (the “clicking here” link) points to the phishing site. Once users click on the link, they are directed to http://www.******tevideos.net/store.apple.com/us, a site that is not associated with Apple. It displays a Web page fashioned to look like one from the Apple Web site, and asks the user to update their billing information.
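A mail-filter style check for the pattern described above, where a foreign host carries the brand's domain in its URL path. This is an added example, not from the original article; the trusted-domain list, the sample email and the host `phish.example.net` are constructed assumptions, and the check generalizes to the brand domain appearing in a leading host label or in URL userinfo.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the purported sender legitimately links to.
TRUSTED = ("apple.com", "me.com", "mac.com")

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def mentions(text, domain):
    """True if domain occurs in text on label boundaries (not 'some.com')."""
    pattern = r"(?<![a-z0-9-])" + re.escape(domain) + r"(?![a-z0-9-])"
    return re.search(pattern, text) is not None

def classify(url, trusted=TRUSTED):
    """Return 'trusted', 'lookalike' or 'external' for one link."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if any(under(host, d) for d in trusted):
        return "trusted"
    # Foreign host, yet a trusted domain is named in netloc, path or query.
    rest = (parts.netloc + parts.path + "?" + parts.query).lower()
    return "lookalike" if any(mentions(rest, d) for d in trusted) else "external"

def audit_email(html):
    """Classify every link found in an HTML email body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(url, classify(url)) for url in collector.hrefs]

# Constructed sample: mostly genuine links plus one look-alike, as in the article.
SAMPLE_EMAIL = """<p>There is a problem with your billing information.
<a href="http://www.apple.com/mobileme/">MobileMe</a>
Update it by <a href="http://www.phish.example.net/store.apple.com/us">clicking here</a>.
<a href="http://www.apple.com/legal/">Terms</a></p>"""

if __name__ == "__main__":
    for url, verdict in audit_email(SAMPLE_EMAIL):
        print(f"{verdict:10} {url}")
```

A message whose links are mostly `trusted` with a single `lookalike` matches the layout the article describes and is worth quarantining for review.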

Users following the link while using Apple’s Safari browser are taken to an authentic-looking page purporting to belong to Apple. It asks users to reinstate their accounts by entering all kinds of personal details. Internet Explorer warned that the page was a scam, but Safari and Firefox did not.

Users, especially Apple service users, are implored to be wary about clicking on links from emails that appear to be legitimate.


    One Response to “Apple MobileMe Users Are Attacked By Phishing Scam”

    1. Well, I’m an idiot. I am usually pretty good about sniffing these out, but as I was cleaning my e-mail I saw this (I’m very tired too). I clicked the link and it only took me to a “We’re sorry but this page is not available” but the whole thing looked weird to me. I’m running Symantec Endpoint Protection at the moment and nothing has come up. From what I read there was an associated zip file or some other executable. What should I look for?

