Sophos sounds alarm over Apple iTunes malware scam

Security vendors warns PC users to be on their guard against unsolicited emails as the festive season approaches.

Music cloud

PC users are being duped by a new type of malware that uses a fake Apple iTunes credit card charge to steal money from their bank accounts.

Security vendor Sophos is warning people to be on their guard against the scam, which typically starts with computer users receiving a malicious email informing them of a $699.99 Apple iTunes credit card charge.

"At first glance, recipients may find the malicious emails quite realistic as they use Apple's logos and formatting to appear like a genuine emailed receipt from the company," said Sophos in a statement.

Users' computers can be infected by malware that logs keystrokes and compromise bank accounts.

When users click on one of the links contained in the email, they are taken to a web page purporting to belong to the IRS, which houses a Blackhole malware kit.

This is typically used to exploit vulnerabilities in Java, Adobe Reader and Adobe Flash Player, Sophos warns, which can lead to systems getting infected by a Zeus/Zbot Trojan.

However, if none of the exploits work, users are instructed to download a more recent version of their web browser, which contains a copy of the Zeus banking Trojan.

"The end result is that users' Windows computers are infected by malware that can log keystrokes and compromise bank accounts," said Sophos.

Graham Cluley, senior technology consultant at Sophos, said users should always treat links in unsolicited emails with caution.

"Instead, users should go to the website of the company in question, or call the number on the back of your card or billing statement to find out the truth," he advised.

"This is especially important at this time of year, as we typically see increased criminal activity during the Christmas season," he added.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

The state of ransomware in retail 2021
Whitepaper

The state of ransomware in retail 2021

23 Aug 2021
New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Sophos XG 230 Rev.2 review: Powerful and flexible
unified threat management (UTM)

Sophos XG 230 Rev.2 review: Powerful and flexible

1 Apr 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
The technology powering the future of shopping
Technology

The technology powering the future of shopping

16 Sep 2021