Your identity everywhere

AppleInsider are reporting a phishing campaign targeting MobileMe users, following an earlier attack less than a month ago.

If the figures from CardCops are correct then the first attack netted credit card information of between 100 and 300 MobileMe users. MobileMe is a service from Apple with which Mac users can sync information with their iPhones and with browser-based internet access.

Are Mac users falling behind when it comes to secure and responsible use of their computers? Remember that a successful phish relies on the behaviour of the user, not on installing malware, so the old (and tired) phrase “I’ve got a Mac, I’ll be alright” isn’t going to work.

Unfortunately, phishing isn’t the only problem MobileMe customers are having to deal with; the browser access doesn’t offer SSL encryption making it easy for attackers to read users’ e-mail, calendar entries and other information as they use the service. Users can alleviate that problem by only connecting to the service from trusted networks, but then where’s the usefulness?

Perhaps “StaticMe” just didn’t have the same ring.