According to Mathew Maniyara, a security response lead with Symantec’s Indian research team, the attraction of iDisk is that the service allows files of up to 20 gigabytes in size to be uploaded and shared.
Phishers, he says in a security posting, are looking to gain access to this service for free. "This is an example of a phishing attack targeting user information for reasons other than financial gain", he explained.
Once a user lands on the phishing site, it prompts for the account password. After a password is entered, the page redirects to the legitimate Apple MobileMe web page with an invalid-password error message, creating the illusion that an ordinary login error has occurred.
"The phishing URLs contained a query string in which a particular value represented a user’s ID. Changing the value of this ID within the query string would accordingly be reflected on the phishing page", says Maniyara.
Typical phishing emails pointing to rogue or infected sites, says the Symantec response lead, are sent to customers but do not specify the recipient's name, opening instead with something like "dear valued customer".
But this phishing spree appears different, as the phishers are generating emails with the recipient's user ID embedded in the message.
The user ID, he says, is taken from users' email addresses and, while an ID retrieved in this manner does not always match the recipient's actual MobileMe/iDisk user ID, the phishers are simply trying their luck across a large number of emails.
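The two traits Maniyara describes, a lure whose query string carries a "user ID" and that ID being nothing more than the mailbox name in front of the @ sign, are easy to turn into a mail-filter heuristic. The following is an added example, not code from Symantec or from the article: given a recipient address and the links extracted from a message body, it flags any link on a host outside an allow-list whose query string contains the recipient's mailbox name as a parameter value. The allow-list hosts and all sample addresses and URLs are constructed for illustration; the article names only "Apple MobileMe", so the `me.com` entries are an assumption.

```python
from urllib.parse import urlparse, parse_qs

# Assumption: the genuine MobileMe service lived under these hosts (the article
# names only "Apple MobileMe"); replace with your own allow-list.
LEGIT_HOSTS = {"me.com", "www.me.com", "secure.me.com", "www.apple.com"}

# Constructed sample message: recipient address plus the links found in the body.
SAMPLE_RECIPIENT = "alice.smith@example.net"
SAMPLE_URLS = [
    "https://idisk-verify.example-phish.test/login.php?id=alice.smith&ref=17",  # constructed lure
    "https://www.me.com/help",                                                   # allow-listed host
    "https://cdn.example.org/logo.png?v=7",                                      # unrelated asset
]


def email_local_part(address: str) -> str:
    """Mailbox name before '@', lower-cased: the value the article says the
    phishers reused as a 'user ID' when personalising each message."""
    return address.split("@", 1)[0].strip().lower()


def flag_personalised_links(recipient: str, urls):
    """Return (url, reason) pairs for links matching the described pattern:
    a host outside LEGIT_HOSTS whose query string carries the recipient's
    mailbox name as a parameter value (the reflected 'ID' Maniyara describes)."""
    local = email_local_part(recipient)
    findings = []
    for url in urls:
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if host in LEGIT_HOSTS:
            continue  # personalised links on the real service are expected
        params = parse_qs(parsed.query, keep_blank_values=True)
        for name, values in params.items():
            if any(v.strip().lower() == local for v in values):
                findings.append((
                    url,
                    f"query parameter '{name}' equals recipient mailbox name "
                    f"'{local}' on non-allow-listed host {host}",
                ))
                break  # one reason per link is enough
    return findings


if __name__ == "__main__":
    for url, reason in flag_personalised_links(SAMPLE_RECIPIENT, SAMPLE_URLS):
        print(f"FLAG {url}\n     {reason}")
```

Legitimate marketing mail also embeds recipient identifiers in links, so treat a hit as one signal to combine with sender authentication results and domain reputation rather than as a verdict on its own.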
In view of this scam, Maniyara advises users to avoid clicking on suspicious links in email messages and avoid providing any personal information when answering an email.
Users should also, he recommends, never enter personal information in a pop-up page or screen, and should update their security software as frequently as possible.