Spammers use iPhone 4G as bait to harvest private information

May 13, 2010 Sophos Press Release

IT security and data protection firm Sophos has warned internet users that scammers are using the lure of a free next generation iPhone to gather email addresses and other personal information.

Sophos has intercepted email spam inviting recipients to sign-up to test, try and keep the much-predicted (but as yet unannounced) next version of the iPhone, which is being dubbed the "4G" by the media.

Separately, Sophos researchers have also uncovered a co-ordinated campaign on Twitter, using avatars of sexy young women, pumping out adverts to users promising a "free iPhone 4G" in an offer that is claimed to end today.

Free iPhone 4G tweets posted by spammers

However, clicking on the links provided in either spam campaign takes users to a website which demands private information such as name, address, email contact details and date of birth.

"Even though it hasn't been officially announced by Apple, and may not be released for a couple of months, there is a lot of buzz on the internet about the iPhone 4G," said Graham Cluley, senior technology consultant for Sophos. "In their excitement, some internet users might blindly hand over their personal information in the belief that they will get a preview version of what will be one of 2010's hottest gadgets. But being careless with your data risks exposing yourself to more spam in future and costly identity theft."

Sophos recommends that internet users adopt a healthy level of scepticism over "too-good-to-be-true" iPhone 4G offers.

"Apple is a company obsessed with secrecy about its upcoming products - you have to ask yourself, would Apple really be leaking products out to the general public for testing before they have officially announced its existence? Security is tight around the iPhone 4G - the editor of the Gizmodo blog evenhad his house raised after he claimed to have got his hands on a prototype," continued Cluley. "Sometimes people's common sense goes out the window when they're faced with the possibility of a sexy new gadget.. and that's bad news for personal security and privacy."

Learn more about the threat by reading Graham Cluley's blog.