A new email-based phishing campaign is using a fake US$200 Apple Store gift card as bait, says security firm Webroot. The message prompts people to click a download link or open an attachment; doing either will actually install Java-based malware, which is then used to steal personal data from a computer. The data could be used for crimes like identity theft.
Although the email copies fonts and graphics used in official messages from Apple, there are some telltale signs that the content is wrong. The company never randomly awards gift cards, and most of its cards are in far smaller amounts. Apple also never hides gift codes in separate links or attachments, or uses terms like ‘client’ to refer to customers.
by MacNN staff