iTunes used for phishing

Panda has issued a new phishing fraud alert. According to the security company, the scheme takes advantage of the popularity of iTunes to lure Internet users to pages hosting malicious code.

The modus operandi is similar to that of many other schemes of this kind, in which deceptive emails lure users to fake pages where malicious programs try to infect their systems.

In this case, the bait is emails that purport to come from the Apple online store and to be receipts for purchases made there. Since the recipients did not make the purchase in question, they are tempted to check the situation by following the links provided in the message.

When they click on the links, they are prompted to “download a supposed application that will allow the file to be opened in PDF”, and when they accept, they are redirected to infected web pages (mostly Russian) that contain banking Trojans (Trojan horses), among other types of malware, intended to steal the user’s personal data.

The threat was reported to the Anti-Phishing Working Group, which has already started to block some of the web addresses provided in the fake emails. As usual, experts advise caution.

“It is not difficult to fall into this trap, which is why it is absolutely crucial that, when using platforms like iTunes and receiving such notifications, users never go to the website via email, but rather from the platform itself. There it will be possible to check the status of the account in real time and confirm if it was the target of a phishing attempt”, advises the technical director of PandaLabs.

The company provides an example of one of the emails used, which we reproduce below.

Image provided by Panda