Spam Campaigners Target iPhone Users with Huge Discounts and Trojans
Spammers are taunting iPhone users with fake “iPhone Picture Snapshot message” emails that infect people with malware.
Innocent Mac aficionados are made to believe they received a snapshot message as an attachment. To see it, they only need to download the file. It’s an old, but still dangerous, trick that continues to claim victims.
The e-mail attachment is a malicious piece that, once downloaded, transforms the machine into a zombie in a botnet operated by a cybercriminal gang, according to a blog post by Dancho Danchev.
Identified by Bitdefender as Trojan.Generic.9465593, the attached Trojan is a menace that instantly contacts its command and control servers and asks the bot-master for further instructions or downloads additional malware. Plus it steals login data for FTP accounts, bitcoin wallets, and browser credentials.
This threat distinguished itself in a versatile context of Mac-oriented spam campaigns that aim at iPhone users with dazzling offers for cheap iPhones, “latest Apple guides, news and reviews” or 90% off deals for iPad 4 and iPhone 5.
The e-mail messages are written in English, German, Spanish and Italian and invariably invite users to click on links in the body of the message that lead to cheap ad pages through a series of redirects.
Clicking on links in unsolicited e-mails is a dangerous practice. Always. At the other side of the click might be an annoying ad to a product you don’t need – or a bogus deal for a product you do want. If it persuades you to type in your card data, it will likely a fraudster who will use your identity or money to his benefit. Both the click and the attachment can infect your system with malware.
For purchases, use only your personal PC and a dedicated payment solution such as Bitdefender Safepay to securely perform transactions even when you are connected to a public, unencrypted hotspot.
This article is based on the spam samples provided courtesy of Ionuț-Daniel RĂILEANU, Bitdefender Spam Researcher.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.