Phishing scams attempting to get info out of Apple users are nothing new, but scammers are growing more clever and scams are getting harder to distinguish from actual Apple communication.
On his Krebs on Security site, security researcher Brian Krebs today outlined one of the latest phishing scams he's seen, where an incoming phone call appears to be from a legitimate Apple support line.
As described by Krebs, Jody Westby, CEO of security consulting firm Global Cyber Risk, received an automated call on her iPhone warning her that services containing Apple user IDs had been compromised.
The message asked her to call a 1-866 number, and in the Phone app, the call looked like a call from Apple, with the number listed as 1(800)MYAPPLE, the name listed as Apple Inc., and with Apple's Infinite Loop website.
Westby contacted Apple support via the official Apple Support page and asked for an employee to contact her. She was assured that the call was not legitimate, but when looking in her recent calls list, she saw that real support call had been lumped in with the fake call.
The scammers spoofed Apple's phone number and the iPhone was unable to distinguish between the real and fake calls, making it look like Westby had, in fact, been contacted by Apple multiple times, when that was not the case. Westby told Krebs that this is a convincing scam that people may fall for.
"I told the Apple representative that they ought to be telling people about this, and he said that was a good point," Westby said. "This was so convincing I'd think a lot of other people will be falling for it."
Krebs went ahead and called the number that the scammers had asked Westby to call, where an automated system claimed he had reached Apple Support. A minute later, a person came on the line and asked about the reason for the call. Krebs responded that he was told to call about a breach at Apple, was placed on hold, and the call disconnected with no resolution.
A similar report hit Twitter this morning from Fantastical developer Michael Simmons, who says he received a scam phone call that also spoofed Apple's number.
I just got a scam call from “Apple” with their caller ID spoofed! The voicemail was their robodialer, so it got clipped off, but I heard “So not perform any online activities. Press 1 to speak with an AppleCare agent.” Be careful out there!!https://t.co/FqeYG8lvd9 — Michael Simmons (@macguitar) January 4, 2019
Krebs believes scammers are aiming to obtain personal and financial details from Apple users to get payment, perhaps for tech support services. As he rightly points out, it is both shocking and concerning that Apple devices are unable to tell the difference between a legitimate call from Apple and someone attempting to spoof Apple.
With these kind of phone-based scams, it's a good idea to disconnect the call and get in touch with Apple via the actual support site to avoid being fooled. Apple support does not cold call users in this manner, so these calls are almost always fake, but scammers are skilled social engineers and people do fall for these scams.
Apple has a dedicated support page with information on how to avoid fake support calls, phishing emails, and other scam techniques that malicious individuals employ to extract information from Apple users.
Top Rated Comments
Getting rid of SS7 as the back end and going end-to-end encrypted and verified will be the long term solution to stopping this. That would have the added benefit of preventing all kinds of espionage and eavesdropping on everyone's phone calls.