iTunes users all over the world are being hooked in a possible phishing scam that siphons cash out of their PayPal accounts. Phishing scams, of course, consist of emails that appear to be coming from a legitimate, trusted business. These emails are often designed to trick the victim into revealing login credentials. Once the phishers have access to the account, they begin withdrawing funds. In this case, scammers used victims’ iTunes accounts to purchase gift cards, which were paid for by the victims’ linked PayPal accounts. Some victims of this particular scam have has just a few dollars stolen, while others have had their accounts emptied. Gift cards are a form of currency created by the issuer. Their value is in the products or services available when cashed in. A scammer can purchase a $100 gift card and sell it online for $50. Pure profit. There are many variations of iTunes gift card scams: 1. Scammers can easily set up websites posing as a legitimate retailer offering gift cards at a discount, having fraudulently obtained those gift cards. They may accept people’s credit cards and make fraudulent charges. In these cases, the victim can refute the charge, but will need to either cancel the credit card or persistently check their statements once their card has been compromised. Like Mom said, if it sounds too good to be true, it probably is. 2. The system for generating codes that are embedded on a plastic card or offered as a download is nothing more than software created by the card issuer or a third party. At least one major retailer has had their gift code generation compromised, and who knows how many more have been or will be compromised in this way. Criminal hackers can then offer the codes at a significant discount. 3. iTunes gift card scams are so effective, in part due to the limited availability of iTunes downloads in certain countries. There are numerous copyright issues, with some music companies making deals with musicians and iTunes, while others refuse to do so. Scammers have capitalized on this, using it as a marketing tactic. The best way to avoid phishing scams is to never click on links in the body of an email. Always go to your favorites menu or manually type the familiar address into your address bar. And never provide you login credentials to anyone, for any reason. Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses iTunes gift card scams on NBC Boston. (Disclosures) Filed Under: Phishing just ask gemalto phishing scams Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe