• United States



Watch out for those iPhone 5 scams

Oct 04, 20112 mins
Data and Information Security

With the release of iPhone 5 today, folks should brace themselves for a potential torrent of scams.

My friend Graham Cluley at Sophos pointed out the scam potential in the Naked Security blog yesterday:

Apple’s iPhone 5 is due to be revealed to the world tomorrow, which makes today the perfect opportunity for cybercriminals to take advantage of the excitement and exploit it for their own ends.

Journalist Abram Wagenaar was one of those who has received a malicious email, claiming to be from Apple and giving details of the new “Apple iPhone 5GS”.

Clicking on links in the email takes you to some Windows malware (lucky Mac fans are being ignored by the hackers on this occasion) which Sophos detects as Mal/Zapchas-A.

Apple product announcements are always big news. And I think we have to accept that it’s likely that whenever Apple is scheduled to reveal new technology that cybercriminals will try to exploit the interest.

After all, we saw a very similar attack using an iPhone 5 disguise during WWDC this year. On that occasion, it turned out that Apple *didn’t* announce the iPhone 5, but the bad guys were still eager to take advantage of pre-announcement hype. issued a similar warning, as did Mashable. Chris Taylor wrote on Mashable:

While the tech world holds its collective breath for the Tuesday iPhone announcement from Cupertino, some unscrupulous hackers are taking advantage of the fact that we don’t know exactly what the new phone looks like yet — with a fake email, supposedly from Apple, announcing the “iPhone 5S.”

For those who aren’t paying attention, and who are only vaguely aware that a new iPhone is launching this week, such an email — complete with an “order now” button — could make easy bait for malware. And that’s just what this email is, according to security firm Sophos — a lure for users to unintentionally install a nasty little Trojan called Mal/Zapchas-A.

You’ve all been warned.

–Bill Brenner

one-stop view of latest business threats. We created it for you! Bookmark it! Use it!

CSO’s Daily Dashboard gives you a

Sign up today.

Get your morning news fix with the daily Salted Hash e-newsletter!