One thing about doing business is that you need to cover all the bases. Even the bigwigs such as Apple is not perfect. Apparently this is the case as to why phishing attacks when Apple unveiled the Mobile Me which opened lots of opportunities for .Mac users.

Apparently 1/3 of the people who used this transaction were found to be fraudulent. The scammers did a pretty good job, going to the extent of creating close to perfect similar graphics and falsely getting people to enter their personal information.

For the record, Apple has been treated more of a victim rather than the instigator. But considering their credibility, most consumers may not buy it. In fact, it was supposed to be their duty to protect their customers from these punishable acts.

“We confirmed this,” said Dan Clements, vice president at Affinion Group, the company that owns Card Cops. “...We called some of the .Mac users” found on a trading site used by the Internet underground.

Card Cops includes among its customers major banks worldwide. For the last eight years, the group has been helping its clients and law enforcement track down those who are trading personal information online.

Clements said his company routinely examines caches of “full profiles,” meaning the files contained the social security numbers, birth dates, mothers’ maiden names, and credit card numbers from customers of savvy users that were tricked. He said one day there was a “disproportionate amount of what we usually see” of victims using the .Mac e-mail address.

Of the 300 profiles provided to CNET News, more than 100 had .mac addresses.

“The attack looked very realistic; the graphics were well done,” said Clements, and this snared some sophisticated victims, he said. Some had businesses accounts with Apple “because their mother’s maiden name was already on file.”

Source

Leave a Comment Leave a Comment