iTunes gift card phishing scam emerges

A new phishing attack tries to con users into giving up details of iTunes music store gift vouchers.

Symantec is warning of a new phishing campaign targeting Apple users in an attempt to trick them into giving up their Apple gift card data.

The phishing attempt was contained in spam messages detected by Symantec. The messages claimed to let users check the balance on their Apple gift cards. Clicking the link in the email took users to a phishing website that requested the Apple gift card number and PIN. If a user complied, the response stated that the balance inquiry was unavailable. Symantec included a screenshot of the phishing page. The Web page was typosquatted, but it used Apple’s genuine customer care number to be convincing.

Cybercriminals have been trying to reap the benefits of the success of Apple’s iPhone and now its tablet, the iPad. Sophos discovered a phishing message in a spam campaign in January that attempted to get iPhone users to give up their information for an extended iPhone warranty. The site was very convincing. All the links pointed to a genuine Apple support page.

Richard Cohen of SophosLabs Canada said the cybercriminals were attempting to steal iPhone serial numbers and unique International Mobile Equipment Identity (IMEI) numbers. The IMEI number is used to verify valid devices on cell phone networks.

IMEI numbers are used by network providers to block connections from phones registered as stolen, so by harvesting details from live phones criminals might be able to launder stolen phones. Whatever they plan to do with your iPhone details, it’s not going to be good. You’re enticed in with a warranty, but the only thing you’re going to get is ripped off.

In a more sophisticated attack detected by researchers at BitDefender, iPad users are the target. A spam message instructs iPad users to download iTunes onto their PCs before updating and syncing their new iPad. Following the malicious link leads to a backdoor Trojan.

Sabina Datcu, a researcher at BitDefender, said the Trojan can “read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.”

All of the researchers said users need to exercise caution when receiving unsolicited email. Having updated antivirus software helps block many of the attacks. Check the URL of the site to see if it is legitimate, and if you have reservations, don’t give up any sensitive information.
