iTunes users who have their account linked to PayPal have been hit by a security scam, with multiple users complaining of losing money.
Apple and PayPal have both refused to discuss details of the issue, but experts have told BBC reporters that the victims have probably fallen for an email scam, rather than an unknown vulnerability in the programmes’ servers.
One victim told the blog TechCrunch, “My account was charged over $4,700. I called security at PayPal and was told a large number of iTunes stores accounts were compromised.”
Another posted their experience on Facebook: “My iTunes account just got hacked and someone made about $700 worth of purchases. I contacted Paypal and they said Apple has gotten so many attacks since June, they can barely keep up with reporting them all.”
Apple released a statement to BBC News, reading: “iTunes is always working to prevent fraud and enhance the password security of all of our users.
“But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about cancelling the card and/or issuing a chargeback for any unauthorised transactions.
“We also recommend that you change your iTunes account password immediately.”
PayPal has said that it will reimburse any unauthorised charges.
Security firms are unsurprised by the news. “We have been hearing about attacks on iTunes for a while and it seems it is possible to game iTunes and make money,” said Dan Kaminsky, chief scientist at security firm Recursion. “I am sure Apple are getting a rapid education in what it means to be a mechanism that fraudsters can use to steal funds, but I don’t expect this to be a long-term problem or a product-threatening one.”
Galaxy Smooth Milk Chocolate Bar, Chocolate Gift, Movie Night Snacks, Sharing Bar 110g & Salted Caramel Chocolate Bar, Chocolate Gifts, Milk Chocolate, 135 g
£2.50 (as of 15/11/2023 14:11 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
INIU USB C Charger Cable, [2m/3.1A] Type C Cable Fast Charging, Zinc Alloy Braided USB A to USB-C Phone Charger Cable for iPad Pro iPhone 15 Pro Max Samsung S22 Huawei Switch PS6 10 Google Pixel etc.
£4.99 (as of 15/11/2023 14:11 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Amazon Fire HD 8 Kids tablet | 8-inch HD display, ages 3–7, includes 2-year worry-free guarantee, Kid-Proof Case, 32 GB, 2022 release, Blue
£149.99 (as of 15/11/2023 14:11 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Amazon Kindle Paperwhite Leather Cover | Compatible with 11th generation (2021 release), Merlot
£39.99 (as of 15/11/2023 14:11 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
