The iPhone Scams Begin..

The new Apple iPhone has only just been released and already there are a couple of scams surfacing!

The first one is delivered by email with the enticing promise of a free iPhone.

There is a hyperlink contained in the body of the email which supposedly takes the victim to a website where they can claim their ‘prize’.

However, the link actually points to a website that contains malicious code designed to take advantage of several flaws in Internet Explorer’s security.

Should this attack succeed, the target computer becomes infected with code that turns it into a zombie machine that will forward the coder’s spam for him.

The second scam uses a combination of methods in an attempt to scam it’s victims.

An associated webpage installs a trojan onto the target’s computer which has the purpose of exploiting vulnerabilities in Internet Explorer 6 and 7.

When the trojan is in place a visit to either Google.com or Yahoo.com will cause a pop-up to appear, advertising an iPhone through a site called iphone.com.

This site will normally redirect the user to an Apple run iPhone site, however, the trojan will redirect the user to a pharming site that spoofs iphone.com.

This spoofed site appears genuine and has all the Apple iPhone imagery you would expect to see.

After completing the fake order screens, the potential purchaser is then instructed to send payment via Western union or Moneybookers to an address in Latvia.

Obviously it goes without saying that you wouldn’t receive an iPhone from this Latvian address.

Even if you realise it’s a scam when you see the less than totally secure payment methods, you will already have given up details such as your name and address.

The best defence against this scam is to have up-to-date antivirus software installed, run a firewall and remember not to purchase from any site found through a pop-up.

If you are running Internet Explorer then make sure you have the latest patches and updates installed.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Comments

  1. Nicholas Collier says:

    Fraud Notice
    ——————-

    We ordered 5 x Apple Iphones from a Chinese company called as follows:

    Name: Vision International Co.,ltd
    Website: w ww.ec30.com
    Alternative website: w ww.ebay27.com
    Email/ Messenger address: ec-30@ hotmail.com
    Contact given name: ‘Jimmy’

    The Western Union details given were:

    First Name: LiJuan
    Second Name: Wu
    City: Putian
    Province: Fujian
    Country: China

    We paid a total of $1,500 by Western Union in 2 transactions.

    We are sent 5 non Apple junk phones with an Apple logo on them and they did not even power on.

    *****DO NOT DO BUSINESS WITH THIS COMPANY UNLESS YOU WANT TO LOSE YOUR MONEY*****

    We are now having to file a crime report with the police, file with Western Union, file a possible credit card chargeback against Western Union, and file a crime report with Chinese law enforcement agencies.

    • The problem with sending money via Western Union is that it can be quite untraceable.

      I’d like to know how you get on with this..

Speak Your Mind

*