There has been some concern over the past few days about a potential security hole in iTunes, although reviews by Apple and PayPal show that no vulnerability exists.
The problem actually relates to a good old fashioned phishing scam, a common, non-technical approach to ripping people off online.
The scam involves users following links or instructions in emails advising them to either change a password, click a link that ultimately leads them to malware or make some other inadvisable alteration to their account.
TechCrunch first covered the story yesterday, although the article seems to accuse iTunes of causing the problem.
Apple has made a slight change to how frequently certain payment information must be entered, but otherwise both Apple and PayPal are encouraging users to ignore any email asking for personal information or password changes.
PayPal has offered to refund any unauthorized charges.