“An e-mail purporting to be from Apple alerting users to a billing problem is, in fact, a phishing scam that’s targeting users of Apple’s online service,” Peter Cohen reports for Macworld.
“The e-mail, forwarded to Macworld by a reader, looks like an official communication from Apple regarding MobileMe, the company’s subscription service that provides users with a personal e-mail address, Web hosting, file sharing capabilities, and online data synchronization between Macs, iPhones, and other devices. The e-mail states: ‘We were unable to process your most recent payment. Did you recently change your bank, phone number or credit card?’ Users are then invited to click on a link to enter that information—but that link opens a Web page in your browser that does not appear to be affiliated with Apple or MobileMe (the other links in the e-mail do point to pages on Apple’s official Web site),” Cohen reports.
“A check of the link information reveals that it is registered to a personal Gmail account originating in Bacau, Romania,” Cohen reports. “In phishing scams, crooks send a phony, official-looking e-mail that tries to entice recipients into revealing private information such as passwords, social security numbers, or credit card and banking account data.”
More info and a screenshot of the email in the full article here.
MacDailyNews Note: Click through to see the email and do not click on links from unsolicited, untrusted emails. Read Macworld’s companion piece “How to avoid phishing scams” here.
Thanks for the warning. I wonder, though, about the timing. Dude, we all got a free month! How can we have a “billing issue” when this month is FREE?!?!?!?!?
30 Zune Market Place points to the first reader who finds punditry identifying this Phishing Scam as a virus, trojan horse or other OS X vulnerability the likes of which Windows has never seen!
Another sign of Apple becoming the new Microsoft?
They must be some religious cult order! Taking the statement, “I will make you fishers of men” quite literally!!!!!
We are the Phishers of men cult.
Whoever is doing this… I challenge them to a battle to the death in the real world… let’s see how they fare in real life!
I never did trust that sneaky Trey Anastasio.
@Nick Fury: Are you sure you are not Ampar?
silverwarloc: If I claimed to be, some mouth-breather with serious personal hygiene issues would insist I was an impostor. So, hopefully, and as it should be, it doesn’t matter.
to these freaks, is to fill out the forms with spurious info, clog up their systems
The sneaky thing is that anyone using Safari isn’t specifically protected from phishing scams. Of course anyone using Internet Explorer or Firefox is!
I have received 2 such phishing attempts, the first on July 30, 2008 03:12:44 PM CEST and the next on August 1. I forwarded the messages to Apple within 10 minutes of having received them.
I got that mail about two weeks ago or thereabouts. Called a friend in Apple product security about it, and they already knew about it.
-jcr
@ Jordan
How exactly is Safari not “specifically protected from phishing scams”? If the scammers send you email, then it goes to your email application, not Safari. Safari is a web browser – not an email client. What you claim makes no sense.
You can use OpenDNS or similar to block phishing sites. I think Macworld has an article on OpenDNS.
@montex
What happens if you click on a link inside the e-mail?
What software opens on your Mac?
Do you understand now?
to montex:
When Safari opens a web-site, it does nothing but open that web-site.
When Firefox (or, for that matter, IE7) opens a web-site, it checks the URL of the site against a continuously-updated (every 30 minutes) list of phishing URLs. If there is a match, you are warned.
Apple should do something about Safari, since the issue isn’t with the security of OS X, or any of Apple’s applications; it is with the security of social engineering (a malicious actor gets an innocent user to click a link to a malicious web-site, which tricks the user further into voluntarily providing personal information).
Way too many innocent, inexperienced people fall for the phishing e-mails. I have personally known several who had serious identity theft issues as a consequence of falling for a seemingly genuine alert from their bank, from eBay, NetFlix, or someone with whom they have a relationship and would normally trust.
Phishing is probably the most effective social engineering scam and Apple must quickly integrate some protection into Safari.
Actually, one must admit that now would be the perfect time for the hacker scum to target iPhone—just when millions of Windoze morons are snapping up the new iPhone 3G.
Mail on the iPhone is particularly vulnerable to phishing. It does not let you show headers (so you can’t tell if the mail was sent from a server in China, Brazil etc.). And it does not let you show raw HTML, so one of those phishy links with an anchor tag that sends you to the phish site in Nigeria will display as billing.apple.com or whatever the phish-scum wants it to read. Only when Safari launches will you see that you’re going somewhere you shouldn’t, and only then if you are paying attention.
Apple needs to enable both these options on the iPhone (show headers, raw HTML).
Enabling headers and raw HTML is pointless. Those of us here know what a phishing message is without opening a header or looking at the source HTML code. You can often easily tell by the content and by what is asked of you. You know that no bank or online entity will ever ask this stuff of you.
Those who are vulnerable to the phishing scams are people who have no idea what an e-mail header is, or what HTML means. They’ll click when they see an alert from their bank.
Again, what Apple needs to do is implement some sort of protection directly into Safari, on all platforms (Mac, Win, iPhone/Touch).
Phishing protection is already there in Safari. Just hover over the link and it displays the URL. If it’s supposed to be an Apple corporate page it won’t start with something like “http://www.phish-on.com…..” No need to open source code or look at headers.
“Phishing protection is already there in Safari. Just hover over the link and it displays the URL”
I’m assuming you meant Mail, not Safari, as the link would appear in an e-mail, not a web-site. Surely you’ll agree that you can’t call that protection (that might be what Microsoft would try). Where would an ordinary user find out that if they hovered the mouse pointer over some link, a URL would appear down below at the status bar?
If you open a phishing site in Firefox or IE7, the browser warns you in a clear and unambiguous way that you’re on a phishing site. There is no action, effort, or vigilance required on your part. This is precisely how it should be, and Apple should do something about it.
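The two mechanical checks the comments above describe, a lookup of the link's host against a phishing blocklist (what Firefox and IE7 do when a page loads) and a comparison of a link's visible anchor text against the host it actually points to (the mismatch that hiding raw HTML conceals), as an added Python example that is not from the original thread, from Macworld, or from any of the browsers or mail clients mentioned. The message body, the blocklist contents and every host name in it are constructed for illustration; a real deployment would source the blocklist from a maintained feed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import ipaddress

# Constructed sample message body in the style the thread describes:
# one link whose visible text impersonates an Apple URL but whose href
# points at a raw IP, one genuine-looking link, and one link to a host
# that appears on our (constructed) blocklist. All values are made up.
SAMPLE_HTML = """
<p>We were unable to process your most recent payment.</p>
<p><a href="http://203.0.113.10/mobileme/login">https://www.me.com/account</a></p>
<p><a href="http://www.apple.com/support/">Apple Support</a></p>
<p><a href="http://phish-example.invalid/verify">Update billing</a></p>
"""

# Constructed stand-in for a continuously updated phishing-URL list.
BLOCKLIST = {"phish-example.invalid"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return parser.links


def host_of(url):
    """Lower-cased host name of a URL; bare 'www.x.com' is accepted too."""
    if not url:
        return ""
    parsed = urlparse(url if "://" in url else "http://" + url)
    return (parsed.hostname or "").lower()


def looks_like_url(text):
    """True when anchor text reads like an address rather than a label."""
    return "://" in text or (" " not in text and "." in text)


def assess_link(href, text, blocklist=BLOCKLIST):
    """Return a list of reasons to distrust the link; empty means no finding."""
    host = host_of(href)
    reasons = []
    if host in blocklist:
        reasons.append("blocklisted host")
    # The trick the thread describes: visible text shows one site, href another.
    if looks_like_url(text) and host_of(text) != host:
        reasons.append(f"displayed {host_of(text)} but points to {host}")
    try:
        ipaddress.ip_address(host)
        reasons.append("raw IP address host")
    except ValueError:
        pass
    return reasons


def scan_message(html, blocklist=BLOCKLIST):
    """Return (href, text, reasons) for every link that raised a finding."""
    findings = []
    for href, text in extract_links(html):
        reasons = assess_link(href, text, blocklist)
        if reasons:
            findings.append((href, text, reasons))
    return findings


if __name__ == "__main__":
    for href, text, reasons in scan_message(SAMPLE_HTML):
        print(f"{text!r} -> {href}: {', '.join(reasons)}")
```

The blocklist lookup only catches hosts already reported, which is why the anchor-text comparison matters: it needs no feed and flags the exact deception a mail client without a raw-HTML view hides from the reader. Comparing full host names is deliberately strict; a real filter would also want to treat look-alike subdomains of the expected brand as mismatches.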