There is a new phish in town, and now its targeting iTunes users trying to access their personal information. This attack is emailed in the form of a receipt which appears to come from your iTunes account listing movies the victim supposedly purchased.
There is a link at the bottom which, when clicked, directs the victim to a page asking for personal information in order to obtain a full refund including credit card numbers, social insurance numbers, and even mother’s maiden name. It is quite obvious what they can then do with all this sensitive data once it is stolen.
To stay ahead of the curve, be sure you are always reviewing the source of the email, sender’s email address, and the actual URLs of the links being suggested, among other things. And of course, double check your credit card and bank accounts to see if these charges are, in fact, real. Once you realize these charges are not even listed on your accounts, it is more obvious that this potentially is a scam.
While this current scam is aimed at our Canadian neighbors up north, it won’t be long till it makes its way down to the lower 48. Always be suspect of any email asking for you to click on a link. If you’re not sure all your employees are properly trained on how to look out for these types of scams, Optfinity provides training and testing for you and your staff to prevent security breaches by victimized employees.