James Delahunty
5 Oct 2010 0:51
PandaLabs, the research arm of Panda Security, has warned that malware peddlers are sending out fake iTunes receipts via e-mail to lure users to download harmful software. The receipt looks authentic but is designed to make a user concerned about the total of the bill so they will click a "report a problem" link.
Clicking the link connects to a .RU site where a user will be asked to download a file. "After clicking the link, the victim is asked to download a fake PDF reader," PandaLabs said. "Once installation is complete, the user is redirected to an infected Web page containing the Zeus Trojan, which is specifically designed to steal personal data. This phishing attack was uncovered shortly after a similar phishing attack targeting LinkedIn users appeared last week, which appears to have originated in Russia."