Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Elaborate iTunes Store Receipt Scam | Main | Luno Wallet Phishing »

May 10, 2018

Apple-Branded Telephone Scam

Although this blog is primarily about email and messaging spam or other crime, I believe the information below about a telephone scam is very important.

At the root of this scam is the fact that it's almost as easy to spoof Caller ID as it is the From: field of an email message. In this case, the scammers spoof Caller iD to look like a legitimate number belonging to Apple Technical Support (800-275-2273). This really is Apple's number, but only for calls going to Apple.

The call is a robocall, with a computerized voice saying something along the line of the following (plus or minus poor grammar):

This call is in regards to your Apple account. Our server has detected some suspicious hacking activity on Apple account. Please do not use your Apple devices until you speak with an Apple support representative. Please refrain using financial activity on devices. In order to speak with an Apple support representative right now, please press 1, or else call us back on our toll-free number 1-877-252-8067. I repeat at 1-877-252-8067. Thank you.

If you get tricked into pressing 1 or calling back on the provided number (note, it's different from the Caller ID number, and may vary from the one shown above), you will be guided to hand remote control of your device to the criminal, who will then lock up your machine and its data. To unlock the device, you will be instructed to buy gift cards, and provide the ID numbers to the crooks.

It's extortion, plain and simple, and it will ultimately require you to talk with the real Apple Support to reset your passwords. More than just your day will be ruined.

Some recipients of this phone message knew right away it was a scam because they had no Apple devices or accounts. They're the fortunate ones in this regard. But even lots of Windows users have iTunes accounts, and fear that they've been hacked—when, in truth, they have not.

So, how do you know if you've really been hacked without getting caught up in this scam? Simply log into whatever account(s) you might have that require your Apple ID via Apple software (e.g., iTunes, App Store, iBooks, iCloud, etc.). If there is a problem with your account, you'll find out about it there. But 99.999999% of the time, you'll experience no difficulty, and you have not been hacked. Ignore the phone message, and go on with your life.

Please spread this warning around far and wide.

Posted on May 10, 2018 at 02:04 PM