iTunes unauthorized transaction

Discussion in 'Yosemite (10.10)' started by xthine, Jun 14, 2011.

  1. benzng (Well-Known Member)

    As a precaution, just use/buy iTunes cards to load your account. If you can prove to PayPal it's fraudulent, they usually will side with you. Good luck.
     
  2. xthine (PhilMUG Addict Member)

    @raypin - That's right, the fraudulent transaction did not originate from any of our devices, which makes me question the security of iTunes. :(

    @lylesantos - No they're not set up that way, I have no idea how they hacked into the account.

    @benzng - Yup, that's my plan; a 20-dollar iTunes gift card does not hurt anywhere near as much as 400 dollars. When I called PayPal they said my PayPal account was compromised and they will give me the refund, which is weird, because if my PayPal account was indeed hacked into then the fraudulent transactions would not be limited to the iTunes store. We'll see what happens.

    No acknowledgement from iTunes support. I notified them twice that PayPal was waiting for their acknowledgement of my claim.
     
  3. daney_waney (Active Member)

    @Xthine

    Did you use your iDevices while on a public network such as Starbucks, SM Free wi-fi? =) Is your network at home locked?
     
  4. katyfan (Member)

    Hope you get all your money back from PayPal. And hope it gets back to you right away.
     
  5. raypin (PhilMUG Addict Member)

    mmm.....in @xthine's case, this does not apply since only her iTunes account was compromised, not her email accounts. But I agree that using the same passwords/passkeys for different accounts is moronic.

    ot: to date, the most secure email is Gmail. Its two-step authentication process is a huge step-up in security (requiring not just the user's password but an 8-digit code as well, that is good for one-time use or required input every 30 days, that Google sends to the user's cellphone via SMS). This type of upgraded security (full SSL session, VPN, two-step authentication) is, in my opinion, mandatory. Very much in the news, Lulzsec (a group of hackers, probably based in Russia) just published 62,000 accounts with passwords for different services and even took down (pardon the French) the Goddamn CIA website.

    @daney_waney I don't believe that @xthine was a victim of sidejacking. It's highly unlikely given that access to iTunes is via secured network connection (SSL/TLS).
     
  6. xthine (PhilMUG Addict Member)

    @daney_waney: No, I've only used my iPad2 at home on our WEP secured wifi network.

    @katyfan: Thank you! I hope so too!! One of my credit cards already emailed me that money was refunded to my account. Still waiting to get the same news from my other credit card.

    I've learned to sign out of iTunes each time and to not have a method of payment on my account. I'll just use iTunes gift cards; even though there have been reports of unauthorized charges with those too, at least it's a lesser blow vs. PayPal connected to personal credit cards.
     
  7. raypin (PhilMUG Addict Member)

    @xthine.....good to hear that you've received a partial refund. But that's only half the battle won. The other half: finding the exact cause of the problem so it can be remedied for good (if only to avoid a repeat of this unfortunate incident).
     
  8. savadious (Active Member)

    I'm sorry to hear about this.

    My thinking was you were maybe a victim of a "phishing" scam,
    where the hackers trick your computer into looking like you are logged into the real Apple iForgot (or other) website, and they hide code to secretly send you to their page that looks 100% identical.

    If you try to access your account they now have your password.

    Try this EXAMPLE:

    Here are some FAKE links to a website we all use. Click each one of them to see where you go (all safe links).

    1. http://www.philmug.ph
    and
    2. http://www.philmug.ph
    or how about
    3. http://www.philmug.ph

    Now imagine they made a fake website that looked 100% identical to the PhilMUG login page. You try to log in and instantly I get your account to use when you are sleeping or away. It can even send you to the REAL website and log in for you after they get your login information, and you will never know you were just hacked.


    I also think these hackers purchase large in-app currencies so they can sell the coin/currency to others for real cash.
    I often see in online iPad games people running around selling gold for dirt cheap - and this is how they probably get it.
    Just my guess.

    I'm glad 1 of your cards refunded already.

    My sympathies

    PIX to follow in 5 minutes - just talked to an IN-GAME gold seller (their reputations usually associate gold selling with compromised accounts)


    Update complete
    1. Nothing personal against THIS illegal gold-seller (since they see my name if they use Google), but IF they hack an account they buy TONS of gold, then run around town yelling they have gold for sale. SO I replied.
    [screenshot omitted]

    2. People buy gold to get treasure others have found and are selling legitimately in-game as here in the in-app player marketplace
    [screenshot omitted]



    3. And the hackers always undercut the developers' gold prices, as seen here: in-app purchase of 50g from hackers/sellers for LESS than 12g from the legit developer (in-app purchase is disabled on my iOS devices to keep my iPhone-eating toddler from making accidental purchases, as several kids' games can be upgraded in-app also, such as buying more songs for his music apps or more stories for his read-along books).
    [screenshot omitted]


    These "phishing" and other account attacks must be stopped and I hope one day the internet will be safer for us all.

    I also hope that gives some insight to how the hackers might work. I had seen this many times before with Phishing sites getting other friends in online apps. The app they used on your account was Gangster, but the economics are usually the same - I think.
     
    #28 savadious, Jun 19, 2011
    Last edited: Jun 19, 2011
  9. raypin (PhilMUG Addict Member)

    mmm......big hole in the phishing theory is that iTunes is an App in the device. For that to work, the perp somehow managed to install a fake App on @xthine's iPad (and other devices) that redirects to a phishing site (where the unwary victim is led to reveal sensitive information). That's just not plausible. Phishing is a browser-initiated attack (emails, misspelled URLs etc.)

    I'm assuming that @xthine was not naive enough to have revealed her iTunes account info by responding to a phishing email. If she did, then your theory is the most plausible one to date to explain the missing USD400.00. From her account of this incident, this is not the case.

    But I still think that it is plausible that the Gangstaz app is part of the scam. The money (USD400.00) ended up in their pockets.
     
  10. trigo (Well-Known Member)

    Hi. I had the same experience before.

    Before my iTunes got hacked, my Gmail was accessed from China and I was informed by Gmail. I changed my Gmail password, but since I use the same username/password for iTunes, I forgot to change it also. After 2 weeks, my iTunes card balance of USD 80 was zeroed out with songs and iPhone apps.

    I complained to iTunes and was initially sent a pre-formatted decline letter indicating the terms and conditions, and my account was suspended. I appealed my case and it took them close to a month to activate my account. My problem was that I made 3-4 complaints on each of the different apps and music, thus it was suspended again after another CSR took note of the open complaints. They reinstated my USD 80 but they didn't activate my account. I again asked them how I could recover my USD 80. They mailed me a check to a US address. I have since made another account, still using iTunes cards and not PayPal.

    I explained to them to check my history. It took me like a year to spend USD 20 out of the USD 100, thus I told them that it was not normal for me to splurge USD 80 in 1 day on iPhone apps, as I don't even have one. I have not bought albums before also...

    You cant and insist on your case. That's how I recovered my lost iTunes credit.
     
  11. xthine (PhilMUG Addict Member)

    OMG, a fake app? I wonder what that might've been, if that's the case. I try to be very careful with my downloads and get the ones with 4-5 star reviews; of course that does not guarantee it's "phishing" free.

    Good news is all my money was refunded back. Paypal acted promptly and efficiently and so did my credit cards.

    I wish there was a way to delete the app along with the street credits that were illegally purchased. It hurts to see that game still under my Purchased list under iTunes, it's like a perpetual reminder of the ghastly personal (and financial) violation that befell me.

    Thanks so much for the input everybody, I really appreciate it, and I hope this does not happen (esp. to the extent that it did) to anybody else.
     
  12. raypin (PhilMUG Addict Member)

    @xthine...mmm......fake in the sense that it is being used to defraud unsuspecting iTunes users. The developers behind these apps are indubitably the recipients of your generous "donation."

    Just a note on countermeasures:

    1. change your iTunes password every week with a strong password (alphanumeric, upper and lower case).

    2. never ever respond to an email from ANYONE that requests you to input your sensitive data. When in doubt, contact Apple (or the company concerned) directly via their toll-free numbers (this is easy for you since you're based in the U.S.).

    3. use VPN and full session SSL encryption (whenever available) when on public wifi. Best practice is not to access your emails, iTunes account etc. on public wifi.

    4. Unlink your credit card(s) from your iTunes account and opt for "none" as your payment choice (i.e., edit your account info and input your credit card number every time you want to purchase). To lessen the inconvenience, do batch purchases. Rinse. Repeat.

    5. Log off all iTunes sessions before closing your device(s).
     
  13. savadious (Active Member)

    Sorry. I did not mean a fake app, as Apple is traditionally more secure than the competition with screening apps for security.

    I was referring to your mentioning:
    One of many possibilities was perhaps if you logged into a website; maybe they had a fake website made to look like an Apple website.

    So maybe you logged into iForgot, a fake version perhaps.

    NOTE: I went to iforgot.com (not recommended to go there, so I did not make it a link) and it does not appear to be even remotely related to Apple. A very easy way for hackers to get accounts.


    Unfortunately hackers have many options including the "side jacking" mentioned - all could have been the way they did it.


    My experience with those hacker sites was getting the occasional email from Warcraft Online asking me to verify my account.
    The proper address for Warcraft was battle.net, but hackers often had links that go to similar-looking places such as verify-account-battle.net




    @raypin - your signature mentions "Buttkicker LFE". I do not know what that is, but I HOPE it can be used to punish these hackers ;)
     
  14. raypin (PhilMUG Addict Member)

    ot: @savadious......it's an electric chair for perps ;)..........................it's a low frequency transducer (LFE = low frequency effects)....bass-activated motion gizmo to give movie viewers the feel of motion such as earthquakes, explosions etc., synced to the scene.

    BTT, there needs to be an upgrade in security. These hackers are striking everywhere. Lulzsec and Anonymous are now the targets of cyber law enforcement worldwide. Just the other day, a 19-year-old English boy was nabbed by a joint British police and FBI team. The list of victims is growing longer: Sony, Nintendo, Citigroup, FBI, CIA, etc.

    If you visit the CIA website, it is now on full session SSL (Verisign). One hospital in the U.S. now uses vasculature scanning (palm reading) as part of its biometrics program to improve patient records security, and easier access to it.
     
  15. essay (Active Member)

    Reviving this thread.

    How do you email Apple to file a complaint for a fraudulent purchase using my account?

    I have the same problem as Xthine. Somebody purchased Gangstaz in-apps, depleting my iTunes account to zero (actually, $.36 left). I still had about $50 left in my iTunes account the last time I checked.

    Apple emailed me that an unregistered device used my account to purchase apps in the AppStore. It also asked me to change my password, which i did.

    Now, how do I email or complain to Apple to reverse the fraudulent purchase?

    Here's the letter:

    Dear (essay)

    Your Apple ID, [email protected], was just used to download Original Gangstaz Rock from the App Store on a computer or device that had not previously been associated with that Apple ID.

    If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.

    If you did not initiate this download, we recommend that you go to iforgot.apple.com to change your password, then see Apple ID: Tips for protecting the security of your account for further assistance.

    Regards,
    Apple
     
  16. greta87 (PhilMUG Addict Member)

    What did you find out first, the email about the unauthorized transaction or the fact that your account had been depleted?
     
  17. essay (Active Member)

    The former. When Apple notified me, I changed the password of my Apple ID right away. Then a few minutes later, when I checked my account (after the reset), it was already depleted.

    And just today, I got the iTunes receipts for the Gangstaz purchases, a total of $44.

    Maybe not that much, but it's unnerving how unsafe your account is.

    I already clicked on "Report a Problem" (found in iTunes under "View your purchase history") on the purchases in question.

    But I want to email them, attaching screen grabs of the purchase.
     
  18. greta87 (PhilMUG Addict Member)

    Check the time of the purchases and see if they were made after you changed the password. Could it be that the email you got was a phishing scheme? I received a similar email before, but I'm not sure if they included a link to iforgot.com. I was notified because my daughter brought her iPod touch to the US and was trying to use some apps there, and I was promptly notified that someone was trying to access my account elsewhere. I'll try to look for that email and compare it with yours.
     
  19. mykel18 (Member)

    I did receive the same mail. The good thing though is that Skype was the only purchased app, which is free.
     
  20. essay (Active Member)

    The email is a legit Apple notification. Even the link provided brought me to the Apple website.
     
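The lookalike-domain trick savadious describes earlier in the thread (iforgot.com standing in for iforgot.apple.com, verify-account-battle.net standing in for battle.net) and greta87's question about whether the Apple notice itself might be phishing both reduce to one check: does the host in the link actually belong to the domain you expect, or does it merely contain that name? The following is an added example, not code from this thread, from Apple or from PhilMUG; the URLs and expected domains in it are constructed for illustration. It matches on whole dot-separated labels, so a host that ends in "-battle.net" or begins with "battle.net." is rejected, and it reads the host through the URL parser so that a "user@host" prefix cannot disguise the real destination.

```python
"""Check whether a link's host belongs to an expected registrable domain.

Added example for the thread above (constructed inputs, not project code).
"""
from typing import Optional
from urllib.parse import urlsplit


def link_host(url: str) -> Optional[str]:
    """Return the lowercased hostname of a URL, or None if it has none.

    urlsplit().hostname discards any userinfo, so a link such as
    https://apple.com@evil.example/ yields 'evil.example', not 'apple.com'.
    A trailing dot (fully qualified form) is stripped so it cannot evade
    an equality test.
    """
    host = urlsplit(url).hostname
    if not host:
        return None
    return host.rstrip(".").lower()


def belongs_to(url: str, expected_domain: str) -> bool:
    """True only if the host is expected_domain or a subdomain of it.

    A substring test would accept 'verify-account-battle.net' for
    'battle.net' and 'battle.net.evil.example' for 'battle.net'.
    Matching on label boundaries (exact, or '.' + domain as a suffix)
    rejects both while still accepting 'iforgot.apple.com' for 'apple.com'.
    """
    host = link_host(url)
    if host is None:
        return False
    expected = expected_domain.strip(".").lower()
    return host == expected or host.endswith("." + expected)


def classify(url: str, expected_domain: str) -> str:
    """Label a link 'ok', 'lookalike' or 'unknown' for a quick triage list."""
    if link_host(url) is None:
        return "unknown"
    return "ok" if belongs_to(url, expected_domain) else "lookalike"


if __name__ == "__main__":
    # Constructed samples: the two lookalikes named in the thread, plus a
    # userinfo trick and a suffix trick that a naive check would miss.
    samples = [
        ("https://iforgot.apple.com/", "apple.com"),
        ("http://iforgot.com/", "apple.com"),
        ("https://battle.net/account", "battle.net"),
        ("https://verify-account-battle.net/", "battle.net"),
        ("https://battle.net.evil.example/", "battle.net"),
        ("https://apple.com@evil.example/", "apple.com"),
    ]
    for url, domain in samples:
        print(f"{classify(url, domain):9} {url}")
```

This only tells you where a link points; it says nothing about whether the mail that carried it is genuine, since an HTML message can display one address and link to another, and a phisher can register a convincing domain of their own. It complements, rather than replaces, raypin's advice above to ignore the link and go to the company's site or phone line directly.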
