Security researchers from Webroot have revealed a malicious email campaign attempting to trick users into thinking they’ve received a $200 Apple Store Gift Card. But rather than being a simple phishing effort as is common with such emails, the malicious emails contain malware that can be used to compromise targets' Windows-based machines.

apple_malicious_email
Specifically, when the user clicks on a hyperlink within the email or opens an attachment, a malicious Java-based exploit installs itself onto the computer. The exploit is then used to steal data from the personal computer, opening up the user to the possibility of identity theft and other cyber-crimes.

A currently ongoing malicious spam campaign is attempting to trick users into thinking that they’ve successfully received a legitimate ‘Gift Card’ worth $200. What’s particularly interesting about this campaign is that the cybercriminal(s) behind it are mixing the infection vectors by relying on both a malicious attachment and a link to the same malware found in the malicious emails. Users can become infected by either executing the attachment or by clicking on the client-side exploits serving link found in the emails.

Earlier this year, a phishing effort compromised over 100 sites in attempt to gain access to users’ Apple ID accounts. Last month, researchers from various security firms uncovered a trojan known as Janicab.A that used a special unicode character to initiate email malware attacks. Apple has also regularly dealt with Java-related vulnerabilities by deploying updates for OS X and introduced Gatekeeper in OS X Mountain Lion to better deal with security threats, offering a way for users to restrict installation of apps to those signed by Apple-issued Developer IDs.

Top Rated Comments

keysofanxiety Avatar
140 months ago
But rather than being a simple phishing effort as is common with such emails, the malicious emails contain malware that can be used to compromise targets' Windows-based machines.

Windows machines? Compromised?

I'll never believe it!
Score: 6 Votes (Like | Disagree)
Shrink Avatar
140 months ago
Unfortunately most people who fall for these things are old or just plain careless.
It never ceases to to amaze me that us old, simple minded and gullible old coots ever got to be old, simple minded coots as gullible as we are. You would think, as simple minded as we are, that we would ave been tricked into some deathly trap long before we got to be old and gullible.

Luckily, we have you young, sharp, never-fooled-by-anyone folks to guide us and point out how easy it is to hoodwink us.

BTW: Tha Nigerian Prince thing should pay off any day now...
Score: 5 Votes (Like | Disagree)
jonnysods Avatar
140 months ago
You gotta be crazy clicking on stuff like this. But it would totally fool my dad!
Score: 3 Votes (Like | Disagree)
SandboxGeneral Avatar
140 months ago
There's no red flags in that email! haha :D
Score: 3 Votes (Like | Disagree)
mrgraff Avatar
140 months ago
Oh yeah because I totally hate Windows and it soooo never works

Why do I keep trying to post obviously humorous things on MacRumors? I never learn...
Score: 2 Votes (Like | Disagree)
charlituna Avatar
140 months ago
Java once again. Those who fell for it must have been using Internet Explorer or something.

Or really old versions of Java etc.

That is the trick with many of these attacks. Folks not keeping their stuff up to date. We need to get users into the mind set that software updates, at least point ones are like getting booster shots, taking vitamins, getting sleep. You have to do them. Like the folks griping about excessive cell data use etc but never updated iOS 6 when that fix came out
Score: 2 Votes (Like | Disagree)

Popular Stories

Delta Feature

Delta Game Emulator Now Available From App Store on iPhone

Wednesday April 17, 2024 9:58 am PDT by
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
iOS NES Emulator Bimmy Feature

NES Emulator for iPhone and iPad Now Available on App Store [Removed]

Tuesday April 16, 2024 11:33 am PDT by
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
iPhone 15 Pro Action Button Translate

All iPhone 16 Models to Feature Action Button, But Usefulness Debated

Tuesday April 16, 2024 6:54 am PDT by
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
maxresdefault

Hands-On With the New App Store Delta Game Emulator

Wednesday April 17, 2024 12:19 pm PDT by
A decade ago, developer Riley Testut released the GBA4iOS emulator for iOS, and since it was against the rules at the time, Apple put a stop to downloads. Emulators have been a violation of the App Store rules for years, but that changed on April 5 when Apple suddenly reversed course and said that it was allowing retro game emulators on the App Store. Subscribe to the MacRumors YouTube channel ...
iOS 18 Siri Integrated Feature

iOS 18 Will Add These New Features to Your iPhone

Friday April 12, 2024 11:11 am PDT by
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...