New Phishing Scam Involves iTunes

iTunes phishingOdds are, most people who bank or shop have heard of the term phishing. It’s a cybercrime tactic where criminals attempt to trick unsuspecting users into giving away personal information – such as passwords or credit card numbers – using fake websites. Sometimes crooks will use the tactic to gain access to computer systems. Either way, it  ends badly for those who fall victim.

A new phishing scam involving iTunes has recently surfaced and anyone who uses the service is warned to keep an eye on their inbox. Scammers send an email that appears to be from iTunes confirming a user’s purchase. However, since the email is false, the user will know they did not make the purchase and will click the link shown in the email. This is when the phishers entice you to reveal your Apple ID and password, which they then use to make fraudulent purchases.

Sophos has provided a pretty clear description of the fraudulent emails, so if you suspect you’ve received one but aren’t sure, check it out.

Remember it is important to be safe on the Internet and always be weary of emails requesting your personal information. recommends following these steps to help identify phishing scams:

Hover your cursor over the link. Often, that reveals the actual link is to an unrelated site.

Look at the To: field. It might not have your actual email address in it. It might say Undisclosed Recipients. That’s a tip off. BUT – it really might have your real email address, so keep checking.

Look at the From: field. It might not have a legitimate address. BUT – again, addresses can be spoofed, so even if it looks right, keep checking.

Use your common sense. If you receive an email asking you to provide account information to a bank or store or credit card company where you do not have an account for heaven’s sake don’t click on anything. That is a phishing email.