A stray keystroke here or there has cost an unknown number of Apple Store shoppers dearly, according to security software vendor Symantec, as hackers have constructed a bogus Web site designed to steal the account numbers and PINs of gift card holders.
This latest consumer phishing scam uses a typosquatted Web site disguised as an official Apple site to trick users into entering their card numbers and PINs in order check the available balance on gift cards for Apple products.
eSecurity Planet explains how the official-looking site and entry fields are making it easy for cyber thieves to quickly liquidate the gift card balances while online shoppers are left in disbelief.
The scam is just the latest in a line of sophisticate phishing attacks that has security software companies and law enforcement agencies urging consumers to take their time and pay close attention to where they’re actually conducting transactions to avoid being ripped off.
Creative online crooks have been targeting—and successfully ripping off—Apple gift card holders for more than a month, according to security software vendor Symantec.
The phishing scam requires a little bit of luck and lot of naivety on the part of the card holder. The con artists set up a phishing site using a typosquatted URL, in other words a URL that’s a deliberate misspelling of Apple or some derivation of Apple’s online store, and then lays in wait for those folks who hastily typed in the erroneous address.