Fake iTunes receipt spam

Filed Under: Social networks, Spam

A rather poorly crafted email campaign is making the rounds today. People around the world are receiving messages that appear to be iTunes receipts from Apple. On closer inspection however there are several oddities.

iTunes spam

The message arrives as an iTunes receipt for a song "Whatever You Like [Digital 45]" with a rather large price. The dollar amounts are all randomized and do not add up properly.

Of course this is just another social engineering tactic, as they expect you will be concerned over the large price tag for something you didn't purchase and click on the links to investigate.

If you click the link you are taken to a Canadian pharmacy page with advice on how you might pleasure your significant other. Strangely if you browse it from Canada (like those of us attending Virus Bulletin 2010) the page renders with English graphics and French text.

Canadian pharmacy page

Despite being culturally sensitive, simply seeing their ability to do mathematics should be enough of a tip to not click on the link.

You may think spams such as this are harmless, yet these same messages earlier today were linking to malware rather than penis pills. Educate your friends, family and colleagues about these type of spam messages and obviously throw them straight into the bin.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.