Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
Dispatches Archive

« April 2018 | Main

May 10, 2018

Apple-Branded Telephone Scam Permalink

Although this blog is primarily about email and messaging spam or other crime, I believe the information below about a telephone scam is very important.

At the root of this scam is the fact that it's almost as easy to spoof Caller ID as it is the From: field of an email message. In this case, the scammers spoof Caller iD to look like a legitimate number belonging to Apple Technical Support (800-275-2273). This really is Apple's number, but only for calls going to Apple.

The call is a robocall, with a computerized voice saying something along the line of the following (plus or minus poor grammar):

This call is in regards to your Apple account. Our server has detected some suspicious hacking activity on Apple account. Please do not use your Apple devices until you speak with an Apple support representative. Please refrain using financial activity on devices. In order to speak with an Apple support representative right now, please press 1, or else call us back on our toll-free number 1-877-252-8067. I repeat at 1-877-252-8067. Thank you.

If you get tricked into pressing 1 or calling back on the provided number (note, it's different from the Caller ID number, and may vary from the one shown above), you will be guided to hand remote control of your device to the criminal, who will then lock up your machine and its data. To unlock the device, you will be instructed to buy gift cards, and provide the ID numbers to the crooks.

It's extortion, plain and simple, and it will ultimately require you to talk with the real Apple Support to reset your passwords. More than just your day will be ruined.

Some recipients of this phone message knew right away it was a scam because they had no Apple devices or accounts. They're the fortunate ones in this regard. But even lots of Windows users have iTunes accounts, and fear that they've been hacked—when, in truth, they have not.

So, how do you know if you've really been hacked without getting caught up in this scam? Simply log into whatever account(s) you might have that require your Apple ID via Apple software (e.g., iTunes, App Store, iBooks, iCloud, etc.). If there is a problem with your account, you'll find out about it there. But 99.999999% of the time, you'll experience no difficulty, and you have not been hacked. Ignore the phone message, and go on with your life.

Please spread this warning around far and wide.

Posted on May 10, 2018 at 02:04 PM

May 07, 2018

Elaborate iTunes Store Receipt Scam Permalink

So many crooks are lazy, even the phishers who want to trick you into giving up your login credentials to valuable accounts. But the latest iTunes account credentials grifter created a nearly believable and sophisticated-looking email message designed (as is so often the case) to accomplish two things:

  1. Raise your blood pressure by tricking you into thinking someone has already hacked your account and ordered stuff you don't know about.
  2. Trick you into clicking a link whose destination will prompt you to enter your Apple ID and password

Your Apple ID can be pretty valuable, especially if you have preloaded your account with money of your own or gift cards. A determined crook can use your ID to get to other personal information, try to reset your email address and/or password, and even order stuff from the Apple Store (hardware goodies) shipped to them as a gift.

Without further ado, here is the phishing email that caught my attention:

iTunes Receipt Phishing email

Adrenalin-pumped recipients may overlook the grammar and spelling mistakes out of fear for either being charged for stuff they didn't buy or that their iTunes or Apple Pay account may have been hacked. Neither is true, of course, and you can look at your list of purchased items in your iTunes account to prove it to yourself. Additionally, legitimate iTunes receipts never include a "Cancellation Order" link—getting a refund is a royal pain.

But the clincher, as shown in the image above by rolling the cursor atop one of the links, is that the links do not point to apple.com. On a touchscreen device, tap and hold your finger atop a link until the URL pops up for preview.

So, it's important not to freak out while your blood pressure rises with these kinds of scams. Take your time, study the message, and, whatever you do, don't click on any link or attachment.

Posted on May 07, 2018 at 08:56 PM