Sophos sounds alarm over Apple iTunes malware scam

News 23 Nov, 2012

Security vendors warns PC users to be on their guard against unsolicited emails as the festive season approaches.

PC users are being duped by a new type of malware that uses a fake Apple iTunes credit card charge to steal money from their bank accounts.

Security vendor Sophos is warning people to be on their guard against the scam, which typically starts with computer users receiving a malicious email informing them of a $699.99 Apple iTunes credit card charge.

“At first glance, recipients may find the malicious emails quite realistic as they use Apple's logos and formatting to appear like a genuine emailed receipt from the company,” said Sophos in a statement.

Users' computers can be infected by malware that logs keystrokes and compromise bank accounts.

When users click on one of the links contained in the email, they are taken to a web page purporting to belong to the IRS, which houses a Blackhole malware kit.

This is typically used to exploit vulnerabilities in Java, Adobe Reader and Adobe Flash Player, Sophos warns, which can lead to systems getting infected by a Zeus/Zbot Trojan.

However, if none of the exploits work, users are instructed to download a more recent version of their web browser, which contains a copy of the Zeus banking Trojan.

“The end result is that users' Windows computers are infected by malware that can log keystrokes and compromise bank accounts,” said Sophos.

Graham Cluley, senior technology consultant at Sophos, said users should always treat links in unsolicited emails with caution.

“Instead, users should go to the website of the company in question, or call the number on the back of your card or billing statement to find out the truth,” he advised.

"This is especially important at this time of year, as we typically see increased criminal activity during the Christmas season,” he added.