This is particularly evil, since it's associated with the Zeus trojan that steals banking credentials

The quality of phishing emails have dramatically improved as the quality assurance by malware miscreants improves. 

On closer inspection, there were three very subtle errors made on this iTunes phishing attack:

1. No street address was shown.  iTunes receipts always have your street address listed and spamming dirt bags don't have that (we hope).
2. Receipts (that I've paid attention to) come with an American style date format .. month / day / year.  Canadian or European formats are typically day / month / year or year / month / day.  This one is  day / month / year.
3. Modern corporate invoicing systems don't include leading zeros. Also the quantity and dollar amounts don't add up.

Every web hyper-link in this invoice except for the Apple Store Support and the Apple Legal links point to a non-Apple site.  All the links in iTunes invoices point to Apple.  In this case, the infected domain was  medicineni.com . This is particularly evil, since it's associated with the Zeus trojan that steals banking credentials. Bogus LinkedIn invites have also been confirmed to be coming from the Zeus botnet.

We still need to stay awake to the attacks by these malware miscreants, because they are getting better by the month.

rsync -av -e ssh "Music/iTunes/iTunes Music/" ahull@10.20.1.103:"/Users/ahull/Music/iTunes/iTunes\ Music"