Apple’s Mobile Me fracas caused "hundreds" of Mac users to fall prey to a phishing scam, tricked into handing over valuable personal information by spoof mail and a well-crafted site.

Data obtained by CardCops, a credit card protection service owned by the Affinion Group, shows several hundred .Mac member’s data being traded in underground markets frequented by identity thieves. Details on sale are alleged to have included social security numbers, birth dates, mothers’ maiden names, credit card numbers and more.

The information was obtained through a phishing scam, using emails that circulated when Apple began its disastrous transition from Mac.com to Me.com. The scams bore subjects such as "Billing problem", The Register explains.

In a classic move, clicking the link contained within that email took .Mac members to a (fairly) authentic page which claimed to belong to Apple and requested a host of details of a site visitor. With more than customary confusion among Mac users as Apple migrated its services to Mobile Me, it appears many who would otherwise have detected the problem fell for the scam.


About the Author