By Munir Kotadia, 3 July 2007 08:18
NEWS
As Apple's newest gadget starts selling in US stores, spammers are exploiting the surrounding product craze by sending emails that try to dupe recipients into thinking they have won an iPhone of their own.
Web-filtering specialist Secure Computing is warning users not to fall for the socially engineered emails that contain a link which, if clicked on, will attempt to connect to a website and install malicious software designed to take control of the victim's computer.
Paul Henry, vice president of technology evangelism for Secure Computing, believes that although this is the first iPhone-related phishing scam, it certainly will not be the last. "Because of the popularity of the iPhone brand, this is the first in what's bound to be a series of scams involving the iPhone," Henry said.
The criminals behind this scam are using sophisticated techniques to thwart security companies. For example, the website is loaded with more than 10 pieces of malicious code, each targeting a potential browser vulnerability. In addition, users who attempt to visit the site more than once are redirected to another, "safe" website.
Henry said: "This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit/spambot malware."
Munir Kotadia writes for ZDNet Australia
Comments
There are 2 comments. Join the discussion
1. MusicFan
Excellent!
At last, the spammers are putting their knowledge to good use!
Anyone who is interested in the "i-bullspizzle" deserves to be raped of all their cash and identity.
Hooorah....
2. anonymous
To educate - Bullspizzle is part of a bull, you can not get it from a cow.
Most appropriate description i feel