- Apple’s popular service, with millions of users transmitting bank details on the platform every day, has become a target for hackers looking for confidential bank data
- The email is a fake iTunes receipt corresponding to a purchase the user hasn’t made. Users that click the link in the message will be asked to download a fake pdf reader
- If they accept, they will be redirected to Web pages that download other malware, including banker Trojans
Apple’s popular iTunes platform has become the target of hackers looking to reach millions of potential victims -who every day enter their credit card details in this device- in order to steal this data and infect them, according to PandaLabs, Panda Security’s anti-malware laboratory.
Users receive a cleverly crafted email informing them that they have made an expensive purchase using their iTunes device. The user, who has not made this purchase using the platform, is concerned by the email and rapidly tries to resolve the problem by clicking on a link in the email.
However, after clicking the link the user is asked to download a PDF reader, which is fake. Once installed, this program redirects the user to infected Web pages (mostly Russian) containing banker Trojans among other malware which steal the user’s personal details.
“Phishing is nothing new”, says Luis Corrons, Technical Director of PandaLabs, “what never ceases to surprise us is that the techniques used to trick victims continue to be so simple, although the design and content is often very well worked. It’s often difficult not to fall in the trap. That’s why it’s absolutely crucial that when you use platforms such as iTunes, and you receive these types of notifications, never go to the website through the email, but rather from the platform itself. You can check your account status in real time from the account itself. And in this case you would therefore realize it is an attempt at phishing”.
This technique has been reported to the Anti-Phishing Working Group, who has started to block some of the Web addresses linked to in the fake email.
We advise all users to be wary of any emails of this type, now matter how genuine they might seem. If you think you may have been affected, we advise you scan your computer thoroughly to locate any possible active threats. If you do not have an antivirus installed, you can use the free Panda Cloud Antivirus.
More information is available in the PandaLabs Blog.