iTunes is under attack from a new phishing scam, designed to allow cyber crooks to steal the banking credentials of the millions of users targeted.
According to security firm PandaLabs, the attack involves iTunes users receiving an e-mail containing a seemingly real iTunes receipt, informing them that they have just made a vastly expensive purchase from the online store.
Panicked users looking to resolve the issue click on a link on the e-mail, which prompts them to download a PDF reader, redirecting them to a website containing malware and other malicious files programmed to steal sensitive banking information from users' computers.
Luis Corrons, Technical Director of PandaLabs, said in a statement to Fox News: “It's often difficult not to fall in the trap. That's why it's absolutely crucial that when you use platforms such as iTunes, and you receive these types of notifications, never go to the website through the e-mail, but rather from the platform itself.”
The security firm claims that it saw 300,000 phishing e-mails passing through its spam filters over the last weekend alone.