Wednesday, October 06, 2010
iTunes users report "phishy" account activity
If it smells like an apple, is it Apple? In other words, if you receive an e-mail about your iTunes account, and the e-mail has the look, the feel, the tone of Apple--and you really do have an iTunes account--how do you know whether the e-mail was really sent from Apple?
For a year now, many iTunes and PayPal users have become victims of fraud after incurring hundreds and even thousands of dollars in charges on their accounts they had not authorized. Problem is, iTunes and PayPal report their systems were not compromised. So what's going on?
"Because there was no wholesale breach, the most likely scenario was that it was a phishing attack," says Clifford Neuman, the director of the University of Southern California's Center for Computer Systems Security. (msn.com Oct. 5)
Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers where they ask you to provide personal data. They likely will look like legitimate e-mails, using company logos and masked website addresses which direct you to fake sites.
If you are ever in doubt about the legitimacy of an e-mail, the best thing to do is to call the company directly or go to their website using a number or a URL you know to be true. And if in doubt, NEVER provide any personal or sensitive financial information via web, phone, or e-mail.