iTunes trouble
Reports of numerous iTunes accounts being hacked and their users billed for hundreds of downloads via a ‘security hole' have surfaced with blame being heaped on Apple, yet some commentators have challenged the idea, attributing the misfortune to phishing scams.
TechCrunch first reported on a ‘major security hole,' allowing scammers to access iTunes accounts and rack up huge bills through PayPal.
One victim reportedly discovered his account was almost charged over $4,700, with about 50 receipts of $99 from PayPal but he stopped the transactions in time. He said: "I called security at PayPal and was told a large number of iTunes store accounts were compromised."
TechCrunch combed Facebook and Twitter for similar stories. One status update reportedly read: "Darn...what a day! Someone hacked into my iTunes account and bought a crap load of downloads and emptied out my PayPal account...grrrrr...PayPal is very cooperative but there is just about no way to get hold of iTunes. I did call PayPal and they assured me that they had contacted iTunes and it was going to be taken care of in my favor."
Another victim reportedly warned: "Everybody watch your iTunes account closely. I just got hacked for almost $1,000 worth of software, videos and music. Hopefully PayPal will refund it all."
According to Reuters, attacks on iTunes accounts have been escalating since 2009, with one victim reporting that PayPal told her: "Apple has gotten so many attacks since June, they can barely keep up with reporting them all!"
PayPal told the news service it is reimbursing customers for the fraud, although it is not known what the total bill will be. A spokesperson from PayPal reportedly told Reuters the fraud "is happening on the iTunes side" as scammers seem to be getting access to iTunes accounts via phishing emails that con users into disclosing their passwords and usernames. The details are then used to fraudulently buy a bunch of gift codes or music.
However, some commentators have pointed out the problem does not appear to be Apple's fault, as there does not seem to be a ‘security hole' in iTunes, rather users have fallen prey to phishing scams or bot attacks.
Digital Daily reported a source close to the company said iTunes has not been compromised and Apple has not noticed a sudden surge in fraudulent transactions.
Apple reportedly said: "iTunes is always working to prevent fraud and enhance password security for all of our users. But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about cancelling the card and/or issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately."
