Friday, June 22, 2012

Alert: Beware of App Store fraud - News alert - Consumer Affairs Victoria

Interestingly a couple of days ago I read online that Consumer Affairs Victoria issued an alert to consumers using Apple’s iTunes store and App store with regards to “fraud” and “counterfeit or ‘cloned’ apps”.

The following is the original link where the page has now been removed.

http://www.consumer.vic.gov.au/news-and-events/news-updates/beware-of-app-store-fraud


You can read more information on the The Register site  http://www.theregister.co.uk/2012/06/20/au_app_store_malware_claims/.

Whilst I’ve not personally experienced an Apple App Store account being hacked and no one in my user base has let me know they’ve had their account used by others, reading the online forums does indicate it is happening and is a concern.

One word of caution I would issue, is think about the username and password you are using with the Apple App Store and your other online accounts. In a lot of cases people use the same email address and password to access all their online accounts. The problem is if one account is hacked, all of their accounts are then potentially exposed. Because of the very large number of people using the Apple App Store all a hacker needs to do is obtain a list of usernames and passwords from a hacked site and then test the list against the Apple App Store. Once the hacker knows a username/password combination works they can sell it. According to the Consumer Affairs article “Online hacker forums sell access to iTunes accounts for as little as $33 – promising the each password can net a fraudster thousands of dollars in credit”.

If you are using the same username/password across multiple online services you should review what you are doing. At a minimum, use different passwords for different online services. That way if one service is hacked your username/password combination won’t work on your other accounts. For example 25% of Australians have a Facebook account so one in four Australians, if they are using the same email address/password across their online services, their Facebook account can be access if one of the services they use is hacked.

It would be even better is to use a different username(email address) and password for each service. Yes it is less convenient, but the inconvenience may well protect you and save a lot of grief down the track.

Consumer Affairs Victoria even though they have now removed the article for their own reasons, felt it was worthy enough to post the article in the first place and to me that is a sign there may be sufficient cause for concern.

Kelvin Eldridge
www.OnlineConnections.com.au

No comments:

Post a Comment