There’s a new Phishing scam targeting Apple’s MobileMe customers. The scam attempts to get users to send their MobileMe login information—which for some customers is the same as their iTunes account—by posing as a spoofed letter from Internet service providers.
Phishing scams are efforts to trick users into voluntarily giving up login information, passwords, or account numbers. They can many forms, but the most common tend to be emails the bad guys hope you will either reply to or emails that include links to pages set up to spoof legitimate businesses.
In this case, the bad guys are hoping that users will reply to an email with their MobileMe login information. We’ve seen an example with SBC as the sender, and there’s another example online from December 14th that purports to be from Frontier Communications.
As with most Phishing scams, the attempt is clumsy, but the inclusion of a copyright symbol and fake warning jargon could conceivably trick less savvy Internet denizens.
If you receive this message, DO NOT REPLY TO IT. On a more general note, never send your login information for anything through e-mail. Legitimate companies and their legitimate representatives will never ask for it in such a manner.
Here’s the full text of the example we received:
Dear MobileMe Subscriber,
=================Virus Notification
A DGTFX Virus has been detected in your MobileMe folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and to your important files. Click your reply tab, Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus.
Email:
User name:
Password:
Reconfirm Password:Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
All MobileMe User Should Reply Now !!!
Failure to do this will immediately render your Web-email address deactivated from our database.
Thank you for your co-operation.
Warning Code :ID67565434
© Copyright 2011 Apple Inc. All rights reserved.
As noted above: DO NOT REPLY TO THIS MESSAGE OR SEND YOUR LOGIN INFORMATION THROUGH EMAIL!