Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - iPhone scams InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

iPhone scams

Published: 2007-07-02
Last Updated: 2007-07-02 23:28:29 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

Readers have been reporting new e-mail scams related to the Apple iPhone today.  With a wide variety of new topics to choose from over the weekend, the iPhone apparently came out on top.

One e-mail claims you have ‘won a new iPhone’. Clicking on the link however brings you to a page that attempts to exploit a number of well known Internet Explorer vulnerabilities and then downloads a malicious executable 'sys----.exe'. This executable installs itself as a service and upon review appears to be a spam bot.  Anti virus coverage was very spotty this morning but has improved during the day.  

Another scam aims to convince readers they need to go and buy an iPhone on what appears to be an Apple site (faked using a browser helper object). Naturally the site does not belong to Apple and you end up paying someone in Latvia. Sunbelt has a great writeup on this here. Thanks to roseman for the link.

Keywords:
0 comment(s)
Diary Archives