Wednesday, May 18, 2016

Warning: new phishing scam s Dev Center outage

As most of you know, ’s Developer Centerhas been offlinefor going on 7 days now. The companyposted an updateto the situation yesterday, outlining when services will be available, but it’s still not clr when the portal will be fully functional again.The brdth of the outage is far-rching— has hundreds of thousands of app developers worldwide. So it’s no surprise that some not-so-nice people have decided to the situation by sending out malicious emails, pretending to be the company…The email, sent out to thousands and firstposted by ZDNET, rds:“Dr Customer,To get back into your account, you’ll need to confirm your account. It’s sy: Click the link below to open a secure browser window. Confirm that you’re the owner of the account and then follow the instructions.Update NowBefore log in your account will be Confirmed, let us know right away. Reporting it is important because it helps us prevent fraudsters from stling your information. Yours sincerely, .”The email portrays itself as a letter of authorization from , asking iTunes users to ‘confirm’ their login information to regain access to their accounts. While admittedly, it’s better than the “wlthy prince in Africa” stories, it’s still sy to identify it as a fake.For starters, the wording isn’t very -like and there are a of grammatical errors—notice how isn’t capitalized. ZDNET also notes that the site the email points you to, where it asks you to enter your credentials, is not a legitimate domain.Phishing attacks like this are a relatively sy way for someone to stl your data. Users click on a malicious email, which they believe to be from a reputable source, opening their system up to attack. This can install malware or pull login info, depending on the bug.And according toSecurity firm Lab, there has been a dramatic incrse in the last 6 months ofphishing scams targeted at users. For example, it detected 1 million attacks in one day, in December of last yr, following an international iTunes launch.So as a rule of thumb, always double and triple check emails that ask for sensitive information. Most companies won’t even do it, unless they’ve explicitly told you they were going to. developers,you can check herefor the latest infoon the dev center status.

No comments:

Post a Comment