PandaLabs has discovered that iTunes has become a major target for hackers looking to steal credit-card data from the millions of users.
Victims receive an email informing them they have made an expensive purchase on iTunes. The user, who has never made the purchase, is concerned by the email and tries to solve the problem by clicking on the fake link.
After clicking the link, the victim is asked to download a fake PDF reader. Once installation is complete, the user is redirected to an infected Web page containing the Zeus Trojan, which is designed to steal personal data. This phishing attack was uncovered shortly after a similar phishing attack targeting LinkedIn users, which appears to have originated in Russia.
“Phishing is nothing new,” said Luis Corrons, technical director of PandaLabs. “What never ceases to surprise us is that the techniques used to trick victims continue to be so simple, but the design and content is so very well-orchestrated. It’s very easy to fall into the trap. When using services such as iTunes, it is absolutely crucial that users never go to the website via email, but rather from the platform itself where they can verify their account status.”
This technique has been reported to the Anti-Phishing Working Group, which has started to block some of the Web addresses linked to in the fake email.