iPhone users beware – an ongoing phishing campaign impersonating Apple.com, attempts to trick users into submitting sensitive device information, with the scammers in a perfect position to use the data in a countless number of fraudulent variations.

Here are more details on the campaign, and why would phishers want access to such information.

The phishing campaign has been in circulation for over two weeks, and continues using the “FREE 1 Year Warranty Extension Offer” theme in emails coming with subjects such as “IMPORTANT: Your FREE iPhone Warranty Extension for 1 Year!“, leading to domain using fast-flux hosting infrastructure – www.apple.com.PHISHING.com/uk/iphone/warranty.htm.

What’s also worth pointing out is that the phishers require the user to submit their email at the first stage of the process, presumably saving themselves time in validating it, or in an attempt to contact the recipient in the long-term requesting more data.

What are the phishers after? The email of the user, the Serial number, IMEI (International Mobile Equipment Identity), the type of iPhone (ie. 3G / 3GS) and the capacity of the device (ie. 16GB / 32GB).

Why would a phisher want access to such data? Whereas some would point out that they’re interested in the practice due to the blocked IMEI numbers of stolen devices, which they can now change to ones that are not blacklisted, the long-term possibility of building inventories of such data to be re-sold to criminals looking for ways to bypass prepaid SIM restrictions, is a fully realistic one.

Consider going through related posts: iHacked: jailbroken iPhones compromised, $5 ransom demanded; Source code for ikee iPhone worm in the wild; iPhone’s anti-phishing protection offers inconsistent results; Apple adds malware blocker in Snow Leopard; Apple (Snow Leopard) malware blocker collecting cobwebs
Over the past year, there have been numerous developments internationally aiming to restrict the selling of prepaid SIM cards, which offer a safe heaven for criminals since no personal identification is required/stored when purchasing them.

With safety measures varying from mobile carrier to mobile carrier, with only a few publicly disclosing the protections they’ve built in order to limit the use of cloned devices on their networks, there are still countries where the lack of basic restrictions is naturally resulting in demand for such data, which the cybercrime ecosystem can easily supply through phishing campaigns.

The entire business model can be undermined by the mobile carriers realizing the potential for abuse, and by those actually obliged by law to ensure such activities cannot take place within their networks.

Share on Facebook

Mobile handsets without the unique identification number, which helps authorities track users, will face disconnections by December 1, Indian Cellular Association (ICA) said on Wednesday.

The International Mobile Equipment Identification (IMEI) is a 15-digit code that identifies a handset and enables security agencies to track down users.

The department of telecom had recently asked the mobile operators not to allow calls to be completed on handsets without IMEI number.

Though there are no official statistics on the number of handsets without IMEI number, an industry guess was around 25 million, Pankaj Mohindroo, President, ICA said.

The Indian Cellular Association had begun a nationwide campaign to create awareness and prevent sale and purchase of such devices.

Proliferation of unbranded phone devices, without IMEI number or with invalid or cloned numbers posed a serious threat to national security as they could not be tracked, he said.

These devices are mainly sourced from China and are adversely impacting the organized mobile devices market apart from causing huge loss in revenue to the government, he said.

Share on Facebook