According to a research from Symantec, the Kelihos botnet has started sending spam e-mails that claim to be security alerts from Apple, informing recipients that a purchase was made using their Apple ID from the iTunes Store.
The rogue e-mails bear the subject ‘Pending Authorization Notification’ and claim that the purchase was made from a computer or a device not previously linked to the user’s Apple ID. The emails list an Internet Protocol (IP) address from where the purchase was allegedly initiated.
The fake messages instruct users to click on a link if they didn’t initiate the purchase. The link leads to a phishing website that masquerades as the Apple ID log-in page and steals the credentials inputted by users.
The Kelihos botnet cyber-criminals are known for exploiting current events. In August 2014 they launched a spam campaign that encouraged Russian-speaking users to install a program on their computers so they can be used in distributed denial-of-service (DDoS) attacks against Western government websites in response to the recent international sanctions against Russia. The emails actually linked to a variant of the Kelihos malware, not a DDoS program.
To prevent unauthorized access to their accounts even when their user names and passwords are compromised, users are advised to turn on two-step authentication for their Apple ID accounts.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.