Some iTunes users are finding that scammers are stealing their money through PayPal. Numerous people have been claiming as much on Twitter and Facebook.
Erick Schonfeld at TechCrunch reports, "At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal. One targeted customer told us, 'My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised.' His email was filled with nearly 50 receipts from PayPal for $99.99 each."
Some are going so far as to remove their PayPal accounts from iTunes altogether.
According to John Paczkowski at All Things Digital, it is gullible users who are to blame. "There's no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it's likely because you've fallen victim to a bot attack or phishing scam–a variation on the one that’s been around for years now," he writes. "Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions."
He also has an official statement from Apple on the matter, which says, "ITunes is always working to prevent fraud and enhance password security for all of our users. But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and/or issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately."
According to Paczkowski, PayPal has said that it will reimburse people for unauthorized charges.