
Phishers Drain PayPal Accounts Via iTunes.



#1 zalternate

    I'm a Quitter

  • Members
  • 1,514 posts
  • Location: British Columbia. Viewing the craziness of the World with just the Facts

Posted 23 August 2010 - 05:01 PM

Update in second article. A phishing scam (collected users' passwords and account data via fake popups, etc.) that hit a large number of people at once for money withdrawal. Apparently it has been going on for a year.


http://techcrunch.co...l-itunes-fraud/

Quote

Fraudsters Drain PayPal Accounts Through iTunes
Aug 23 2010

Reports are appearing this morning about a major security hole in iTunes accounts linked to PayPal. At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal. One targeted customer told us, “My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised.” His email was filled with nearly 50 receipts from PayPal for $99.99 each. (Update: they were for “CastleCraft, Dragon Crystals (10000 Pack), Seller: Freeverse, Inc”). He was able to catch it before his bank disbursed funds to PayPal.

But others were not so lucky. A quick search of Twitter and Facebook shows that the problem is not isolated. Joey Bruce on Twitter laments:

    Someone hacked my iTunes/paypal acct and drained everything from my bank account. Life is kicking me in the balls while I’m down.

A search of public status updates on Facebook uncovers more people with the same issue:

    Darn…what a day! Someone hacked into my itunes account and bought a crap load of downloads and emptied out my paypal account….grrrrr. . . . Paypal is very cooperative but there is just about no way to get ahold of itunes. I did call paypal and they assured me that they had contacted itunes and it was going to be taken care of in my favor.

    so apple/itunes had a security breach & someone bought over $500 worth of music through my paypal account. just what i wanted 2 b dealing w/ while in San Diego! AWESOME!!!

    Everybody watch your itunes account closely. I just got hacked for almost $1000.00 worth of software, videos and music. Hopefully paypal will refund it all. . . . This happened within the last few hours. Once transaction after another.


At least PayPal is aware of the issue, but it seems like the problem is on the iTunes side.




http://news.cnet.com...0014481-37.html

Quote

Aug 23 2010
The real iTunes fraud vulnerability: Gullible users

So these reports of a major security hole in iTunes, one through which people have had their PayPal accounts drained?

Not much to them, I'm told. Or, rather, not much to their assertion that Apple is at fault here. There's no security hole in iTunes, and if you've been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it's likely because you've fallen victim to a phishing scam--a variation on the one that's been around for years now. Sources close to Apple tell me iTunes has not been compromised and the company isn't aware of any sudden increase in fraudulent transactions.

As for an official comment, Apple offers this bit of common sense advice:

   "iTunes is always working to prevent fraud and enhance password security for all of our users. But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and/or issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately."



PayPal declined to comment on the issue, but told me that any unauthorized charges sent through its service will be reimbursed.

British Columbia Civil Liberties Association / www.bccla.org
American Civil Liberties Union / www.aclu.org
A quote from Benjamin Franklin: "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
Electronic Frontier Foundation / www.eff.org

#2 mudmanc4

    TMN Seasoned Veteran

  • Moderators
  • 9,040 posts
  • Location: In The Plex

Posted 25 August 2010 - 02:26 PM

A simple but effective solution to this type of activity would be to obtain one of PayPal's offered security token devices.

Once in your hands and activated, for a small one-time fee of $5.00 (or at least this is the last I looked), your account cannot be accessed without typing in a six-digit code presented by the token.

If you're not familiar with such tokens (the actual technology of these devices I'll leave out, what I know of it anyhow): the token has a serial number that must be affiliated with your account, and the device sports a pseudo-random number generator, so with each press of the button a new code appears. This is tracked through PayPal's servers as well as a third party to verify the code, which changes every 40-60 seconds, or at each push of the button.

I wouldn't use PayPal without it. I also use another token for my main email server that accomplishes the same thing. These tokens were originally used for corporate intranet structures, but within the last 5-8 years or so have found their way into the general public realm.

Be smart, take every precaution possible.
Vote 2012 !

So how's everybody doing in that little head of yours ? ™




