Apple ID phishing campaign is exploiting CelebGate panic

A major botnet is targeting Apple customers through a phishing campaign looking to steal their customer IDs and passwords, according to security firm Symantec.

Kelihos, also known as Waledac, is said to send potential victims a spam email telling them the film "Lane Splitter" has been bought from a new device via a Russian IP address, asking them to click a link to report the purchase if it was unauthorised.

The user is then sent to a phishing page disguised as part of the Apple website and instructed to put in their Apple account details, which are then stolen by the scammer, according to the security firm.

Symantec said: "It is possible that the timing of the campaign is not a coincidence and the controllers of the botnet are attempting to exploit public fears about the security of Apple IDs to lure people into surrendering their credentials.

"However, this is by no means the first time that attackers have targeted Apple IDs in this fashion."

Since the leaking of naked celebrity photos last week security fears have been raised around Apple’s iCloud service, particularly after the discovery of software that claims to give users access to accounts without the need for a password.

Apple has said it will take a number of measures to improve security for the cloud service, having rolled out extra brute force protection in the wake of the attacks.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing