A new malware attack has seen hackers use fake iTunes Store receipts in order to trick users into installing the Zeus malware, which steals financial details.
“Victims receive a cleverly crafted email informing them that they have made an expensive purchase on iTunes,” security firm PandaLabs said in a statement.
“The user, having never made the purchase to begin with, is concerned by the email and naturally tries to resolve the problem – in this case by clicking on the proffered (fake) link.”
After clicking on the link, users are taken to a website which installs a fake PDF reader. If the software is installed, the malware spreads throughout the computer.
PandaLabs said it is important that users click on links through unverified emails, but should instead visit the iTunes store and other websites through entering the URL themselves.
“When using services such as iTunes, it is absolutely crucial that users never go to the website via email, but rather from the platform itself where they can verify their account status.”
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.