Black Friday: Security team warns against malicious iTunes emailsby Steven Mostyn - Nov 25 2011, 16:46
Here’s a note of caution for all those bargain hunters presently slavering at the prospect of securing some tasty Black Friday deals: A team of vigilant security experts in Germany are today advising computer users to be wary of tantalizing iTunes emails supposedly bearing gifts.
According to the ‘eleven-securityblog’, a malicious email that appears to have been dispatched from iTunes is currently trip-wiring recipients into unwittingly opening their systems to attack.
The email ‘offer’ in question apparently promises the delivery of $50 USD’s worth of credit for the purchase of music, games and video content through the iTunes Store.
However, recipients suitably tempted by the fake freebie will quickly find their computers remotely hacked should they attempt to redeem a code from the mail’s attached “Gift_Certificate_iT9581” zip file.
“The zip file contains further executable files that install with double windows in two different directories on each Windows startup and be active,” note the security team.
“So far, no signature for the malicious software has been created,” they add. “However, one can assume that it is a Trojan or worm.”
Although computers properly protected by Internet security programs are likely to deflect the attack, hardware without adequate protection could be deprived of personal user information while also suffering from notably degraded performance.
Reiterating the German security bloggers, we here at Tech Herald Towers suggest readers be especially careful should an email entitled “iTunes Gift Certificate” from “official @ itunes.apple.com” arrive in their inboxes.
This latest online attack comes as criminals look to exploit the annual rush of cut-price retail offers that fuel consumer spending during the Black Friday weekend (Nov. 25 to Nov. 28).