Fake iTunes Gift Certificate Targets Black Friday Shoppers
A new malware scam designed to target Black Friday shoppers looking for a bargain has been identified throughout email services by Sophos.
The scam is designed to trick users into accessing a .zip file attached to an e-mail, which upon opening allows hackers to access personal information via malware files located within the infected .zip archive. Apparently the ‘incentive’ behind accessing this evil piece of software is a free $50 shopping spree on iTunes provided courtesy of… well, nobody, since it’s really not real at all.
This kind of scam has been around for a fairly long time, with a lot of hackers trying viruses before, but this time the added hysteria surrounding the Black Friday holiday as well as mass lack of spending money due to financial hardship has drastically increased the number of users falling for the scheme.
The infected .zip file is also being spread by compromised e-mail accounts on web-based mail clients – Hotmail contacts, for example, can be hacked or infected by a worm in order to spread the .zip to all contacts linked into the hijacked account. Be on the lookout for e-mail contacts sending dodgy looking messages to your inbox or generally acting suspiciously.
Security experts Sophos have advised users coming across suspicious emails from untrusted sources to think up to four times whether the link, image or file download they are about to access is genuine. However, the evil executable itself, known as Mal/BredoZp-B, can be defeated using a variety of anti spyware or anti malware programs. Mac users need not worry, as the malware is currently a Windows-only infection.