MacRumors: Mac News and Rumors - Front Page
Apple Phishing Scams Growing More Advanced, With Latest Spoofing Apple Phone
Numbers
Phishing scams attempting to get info out of Apple users are nothing new, but
scammers are growing more clever and scams are getting harder to distinguish
from actual Apple communication.
On his Krebs on Security site, security researcher Brian Krebs today outlined
one of the latest phishing scams he's seen, where an incoming phone call
appears to be from a legitimate Apple support line.
As described by Krebs, Jody Westby, CEO of security consulting firm Global
Cyber Risk, received an automated call on her iPhone warning her that services
containing Apple user IDs had been compromised.
The message asked her to call a 1-866 number, and in the Phone app, the call
looked like a call from Apple, with the number listed as 1(800)MYAPPLE, the
name listed as Apple Inc., and with Apple's Infinite Loop website.
Westby contacted Apple support via the official Apple Support page and asked
for an employee to contact her. She was assured that the call was not
legitimate, but when looking in her recent calls list, she saw that real
support call had been lumped in with the fake call.
Original scam call info on the left, with scam call info lumped in with actual
Apple support call on right.
The scammers spoofed Apple's phone number and the iPhone was unable to
distinguish between the real and fake calls, making it look like Westby had, in
fact, been contacted by Apple multiple times, when that was not the case.
Westby told Krebs that this is a convincing scam that people may fall for.
"I told the Apple representative that they ought to be telling people about
this, and he said that was a good point," Westby said. "This was so convincing
I'd think a lot of other people will be falling for it."
Krebs went ahead and called the number that the scammers had asked Westby to
call, where an automated system claimed he had reached Apple Support. A minute
later, a person came on the line and asked about the reason for the call. Krebs
responded that he was told to call about a breach at Apple, was placed on hold,
and the call disconnected with no resolution.
A similar report hit Twitter this morning from Fantastical developer Michael
Simmons, who says he received a scam phone call that also spoofed Apple's
number.
I just got a scam call from “Apple” with their caller ID spoofed! The voicemail
was their robodialer, so it got clipped off, but I heard “So not perform any
online activities. Press 1 to speak with an AppleCare agent.”
Be careful out
there!!https://urldefense.proofpoint.com/v2/url?u=https-3A__t.co_FqeYG8lvd9&d=DwIFaQ&c=OAG1LQNACBDguGvBeNj18Swhr9TMTjS-x4O_KuapPgY&r=F2GFXrjLFqVo3VwvIlo_XYeEiRRjHv15rxcenz7A21woG2aFGcrzndoSsskxfmOs&m=eN4cXOsu4Lh7u4pwHFav2jJMcyvMjyWZy4gRhKQdKB4&s=D9tdfJiiHuTsurPFQU0taeAXtA0tKYuvl3xNDJH_hhE&e=
— Michael Simmons (@macguitar) January 4, 2019
Krebs believes scammers are aiming to obtain personal and financial details
from Apple users to get payment, perhaps for tech support services. As he
rightly points out, it is both shocking and concerning that Apple devices are
unable to tell the difference between a legitimate call from Apple and someone
attempting to spoof Apple.
With these kind of phone-based scams, it's a good idea to disconnect the call
and get in touch with Apple via the actual support site to avoid being fooled.
Apple support does not cold call users in this manner, so these calls are
almost always fake, but scammers are skilled social engineers and people do
fall for these scams.
Apple has a dedicated support page with information on how to avoid fake
support calls, phishing emails, and other scam techniques that malicious
individuals employ to extract information from Apple users.
Tag: phishing
This article, "Apple Phishing Scams Growing More Advanced, With Latest Spoofing
Apple Phone Numbers" first appeared on MacRumors.com
Discuss this article in our forums
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.macrumors.com_2019_01_04_apple-2Dphishing-2Dscams-2Dgrowing-2Dmore-2Dadvanced_&d=DwIFaQ&c=OAG1LQNACBDguGvBeNj18Swhr9TMTjS-x4O_KuapPgY&r=F2GFXrjLFqVo3VwvIlo_XYeEiRRjHv15rxcenz7A21woG2aFGcrzndoSsskxfmOs&m=eN4cXOsu4Lh7u4pwHFav2jJMcyvMjyWZy4gRhKQdKB4&s=LC5yKy-hREeg3xQleG57S2EOybmurihFFroQ_ixdR-A&e=
Sent with Reeder
Sent from my iPhone
_______________________________________________
MacGroup mailing list
Posting address: [email protected]
Archive: <http://www.mail-archive.com/[email protected]/>
Answers to questions: <http://erdos.math.louisville.edu/macgroup/>
