A new report from noted security expert Brian Krebs reveals that scammers looking to take advantage of unsuspecting Apple users are becoming incredibly clever and sophisticated. As noted on Krebs on Security, there’s a new phishing scam wherein scammers are able to spoof a legitimate phone call from Apple, thus increasing the odds that victims will hand over sensitive personal and financial information.
As for how the scam works, it’s essentially an advanced phishing scheme where users receive an automated call from what appears to be a genuine Apple number. A resulting message relays that a user’s data may have been compromised and that they should cease all activity on their device and immediately call another number to talk to an Apple customer support representative.
Now here’s where things get even trickier. One iPhone user who received such a call subsequently went to Apple’s customer support page. Shortly thereafter, a legitimate Apple representative called to assess the situation. Naturally, the Apple representative relayed that it was a scam. Apple, after all, doesn’t deliver news of a data breach via the phone.
In any event, the legitimate Apple call at 11:47 AM was “lumped together with the scam call that spoofed Apple,” as evidenced by the photo below.
As Krebs notes, it’s a bit jarring that iOS can’t differentiate between a genuine call from Apple and one from a scammer. Perhaps, though, this shouldn’t come as too much of a surprise given that scammers are always looking for new ways to trick users. Just last week, for example, a relative called me up after a message popped up on her iPhone claiming that she had a virus and that she should call a listed number to remove it. And while most tech savvy users can ordinarily discern when a scam is afoot, that’s not always the case for everyone else.
Of course, fake calls from Apple support represent just a tiny sliver of all the phone-based scams going on these days. As we covered about a month ago, robocalls have sadly become something of an everyday nuisance. Suffice it to say, if you get a call from someone purporting to be from the IRS or from someone claiming to be able to get you a better health insurance plan, you’ll probably want to hang up immediately.