Fake Apple emails lead to blackhole malware attack that drains bank accounts – Sophos warns

IT security and data protection firm Sophos has revealed a new malware attack, that is designed to steal money from computer users’ bank accounts while posing as an $699.99 credit card charge from Apple iTunes.

At first glance, recipients may find the malicious emails quite realistic as they use Apple’s logos and formatting to appear like a genuine emailed receipt from the company.

Users concerned about the unexpected charge are likely to click on one of the links contained in the email, and will then be taken to an unrelated webpage proclaiming to be the IRS, which silently uses the notorious Blackhole malware kit to exploit known vulnerabilities in Java, Adobe Flash Player and Adobe Reader.

If any of these are successful, it infects the computer with the Zeus/ZBot Trojan. Worse still, if none of the exploits work, visitors are told to download a more "up to date" version of their browsers that contains a copy of the Zeus banking Trojan horse.

The end result is that users’ Windows computers are infected by malware that can log keystrokes and compromise bank accounts.

"It is always a bad idea to click on links in unsolicited emails without thinking, but we may be more likely to do so when we think we are being charged a hefty amount of money for a product we haven’t ordered," said Graham Cluley, senior technology consultant at Sophos. "Don’t do it. Instead, users should go to the website of the company in question, or call the number on the back of your card or billing statement to find out the truth."

"This is especially important advice at this time of year, as we typically see increased criminal activity during the Christmas season. Be on your guard," continued Cluley.

For more information on this scam and for images, visit Sophos’s Naked Security site at: http://nakedsecurity.sophos.com/2012/11/23/fake-apple-invoices-lead-to-black-hole

Graham Cluley is available for comment at +44 (0)1235 544114 or +44(0)7990552181

Follow Graham Cluley on Twitter: http://twitter.com/gcluley

För mer information, kontakta:
Anders Liman, Sophos Sverige
+46 (0)70-345 11 77
Anders.Liman@sophos.com

Om Sophos
Hundra miljoner användare i 150 länder förlitar sig på Sophos för att skydda sig mot dataintrång och förlust av data. Produktutbudet består av datasäkerhetslösningar för kryptering, klientsäkerhet, webb, e-post samt accesskontroll av nätverk – som är enkla att hantera, distribuera och använda, och med branschens lägsta totalkostnad. Allt backas upp av SophosLabs, ett globalt nätverk med datasäkerhetscentraler som minutiöst följer hotbildens utveckling. Sophos har vunnit många utmärkelser och med dryga tjugo års branscherfarenhet betraktas man allmänt av ledande analysföretag som världsledare inom sitt område.

Huvudkontoret finns i Boston, USA. Regionkontoret i Kista utanför Stockholm ansvarar för Norden och Baltikum. För mer information, se www.sophos.com