Phishing Scam Uses MobileMe and iTunes as Bait

Think twice before you respond to an email that appears to be from Apple or the iTunes Store. Recent phishing scams are using MobileMe, iTunes, and the Apple Store as bait. The email claims that there is a billing problem, and asks you to click a link to verify or correct your account information.

The current fake email making the rounds has 'iTunes Store (do_not_reply@apple.com)' or just 'do_not_reply@apple.com' in the 'From' field, and 'Important: Billing Problem' in the 'Subject' field.

The rest of the email is a typical HTML message, asking you to update your billing information by clicking a link in the email. The link doesn't take you to the iTunes Store or the Apple Store, but to a site that attempts to look like the Apple Store. If you click the link and provide your credit card information, you'll send the scammers on an all-expenses-paid spending spree, with you paying the expenses.

To protect yourself from this type of scam, first remember that Apple - and for that matter, most businesses – will never initiate an email contact to resolve a billing question. Second, never click a link in an unsolicited email. If you think the email might be legitimate, go to the subject web site directly by entering its URL in your browser, not by clicking the link in the email.

The following links will take you to Apple's real support sites:

iTunes:
http://www.apple.com/support/itunes/store/

The Apple Store:
http://store.apple.com/us/help

MobileMe:
http://www.apple.com/support/mobileme/