Phishers have targeted users of Apple Inc.'s iTunes music store with sophisticated identity theft attacks for the first time, a security company said today.

People began receiving spammed messages yesterday telling them that they must correct a problem with their iTunes account, said Andrew Lochart, an executive with e-mail security vendor Proofpoint Inc.

A link in the spam leads to a site posing as an iTunes billing update page; that phony page asks for information including credit card number and security code, Social Security number and mother's maiden name.

Anti-malware group scolds Apple over Safari 'carpet bomb'

An anti-malware organization has called on Apple Inc. to beef up its Safari Web browser to protect users from exploits that could let attackers download malicious code to a Mac or Windows user's desktop.

StopBadware.org, a group founded by Google Inc., Lenovo Group Ltd. and Sun Microsystems Inc., on Monday asked Apple to reconsider its refusal to address the flaw as a security problem.

"StopBadware.org believes that users should have control over software being downloaded to their computers, and we encourage Apple to reconsider its stance and treat this as the security issue that it is," StopBadware.org said in an appeal posted to its Web site.