Just days before Apple Inc.’s much anticipated product announcement on Tuesday, reports are circulating that a hacker group has launched a phishing campaign which exploits users’ security concerns over their Apple online accounts.
The campaign started just a few days after news broke of celebrities having their Apple iCloud accounts being compromised. A large cache of celebrity nude photos were leaked after iCloud accounts of celebrities were compromised. Security software company Symantec Corp. said that a major botnet is now targeting Apple customers with spam emails.
The company believes Kelihos botnet, which is mainly used for spam and stealing bitcoins, is being used by the attackers to send bogus alerts that purport to come from Apple. The emails inform potential victims that a purchase was made using their Apple ID from the iTunes Store, according to a recent Symantec blog.
The spam emails have the subject line “Pending Authorization Notification.” The email informs the user that their account was used to purchase the film “Lane Splitter” on a computer of device that was not previously linked to their Apple ID. The email includes an IP address purportedly located in Volgograd, Russia and which is supposed to have been used to make the purchase.
The email tells the user that if they did not make the purchase, they should check their Apple ID by clinking on an accompanying link.
“This will lead to a shortened URL that in turn directs the victim to a phishing page,” according to the Symantec blog.
The page, which is made to appear as an Apple Web site, asks the user to submit their Apple ID and password.
“If the victim does so, the attacker will presumably harvest their credentials for exploit or resale,” Symantec said.
Symantec advises users to follow these best practices to avoid becoming victims of phishing attacks:
- Beware of messages claiming that your account has been restricted or somehow needs to be updated
- Do not click on suspicious links in email messages
- Do not provide any personal information when replying to emails
- Do not enter personal information in a pop-up page or window
- Exercise caution when clicking on enticing links sent through emails or posted on social networks
- Use comprehensive security software to be protected from phishing and social networking scams
Tim Cook, chief executive of Apple announced last week that the company is beefing up security around iCloud. He said none of the compromised Apple IDs and passwords was leaked from Apple’s servers.
Apple is expected to announce its latest smart phone, the iPhone 6 on Tuesday.
Bad link to the Symantec blog. Add an “n” at the end.
Thanks Gisabun. We’ve fixed that link now.