Phishing scam impersonating iTunes attempting to trick Canadian users

News by Bradley Barth

A phishing scam impersonating iTunes is attempting to trick Canadian Apple users into giving away their personally identifiable information, in order to get a refund on movies they never actually paid for.

Think naming the wrong movie as Best Picture at the Oscars is embarrassing? What about giving away your personally identifiable information (PII) in order to get a refund on movies you never actually paid for?

That's the basic plotline behind a phishing scam that impersonates iTunes and targets Canadian Apple users, according to a Fortinet blog post published late last week.

The Fortinet report cites a user who was sent a phishing email containing a fake receipt claiming the recipient spent nearly US$100 on five movies. The spam email offered a link that users could click to request a full refund if the transaction was not authorised – implying possible fraudulent activity on the target's iTunes account. The link led to a phishing page asking for such PII as the user's name, address, birth date, phone number, payment card information, social insurance number, and mother's maiden name.

Clicking the cancel transaction button transmits the data to the scammers in plain text, at which point the user is redirected to the legitimate Apple website. According to Fortinet, the scam is reminiscent of 2015 iTunes phishing emails that targeted UK and Australian users with fake receipts for books and songs – except this iteration is even more convincing due to the scam's use of recent movie titles and its lack of overt mistakes.
