Me.com. Your identity everywhere

AppleInsider are reporting a phishing campaign targeting MobileMe users, following an earlier attack less than a month ago.

If the figures from CardCops are correct then the first attack netted credit card information of between 100 and 300 MobileMe users. MobileMe is a service from Apple with which Mac users can sync information with their iPhones and with browser-based internet access.

Are Mac users falling behind when it comes to secure and responsible use of their computers? Remember that a successful phish relies on the behaviour of the user, not on installing malware, so the old (and tired) phrase “I’ve got a Mac, I’ll be alright” isn’t going to work.

Unfortunately, phishing isn’t the only problem MobileMe customers are having to deal with; the browser access doesn’t offer SSL encryption making it easy for attackers to read users’ e-mail, calendar entries and other information as they use the service. Users can alleviate that problem by only connecting to the service from trusted networks, but then where’s the usefulness?

Perhaps “StaticMe” just didn’t have the same ring.

Posted on September 8th, 2008 by Graham Lee, Sophos
Filed under: General

Windows 7 security - A great leap forward or business as usual?

About SophosLabs

SophosLabs protects businesses from known and emerging malware - viruses, rootkits and spyware - and other computer threats like phishing, spam and scams. Learn more about the people who write this blog.

RSS feed

Hot video

International Kill-A-Zombie Day

SophosLabs blog