A new phishing scam targeting Apple phone users attempts to obtain sensitive data through phone calls masked with legitimate Apple Support Center information. As reported by Jody Westby, the CEO of Global Cyber Risk LCC, the automated call claims that “multiple servers containing Apple user IDs had been compromised.” Then, the message instructs the recipient to contact a 1-866 number immediately.
According to a report published by KrebsonSecurity, the scheme could prove to be especially dangerous since the fake calls get grouped together with the legitimate calls made or received from Apple. Additionally, the details provided in the caller’s info match the company’s real address and logo—the only identifiable discrepancy is a missing “s” on the HTTP protocol identification of Apple’s website.
Following the scam attempt, Westby contacted Apple Support to make sure the calls had not been legitimate, and her suspicions were confirmed.
“I told the Apple representative that they ought to be telling people about this, and he said that was a good point,” she said. “This was so convincing I’d think a lot of other people will be falling for it.”
Phishing scams are a popular method for hackers in the crypto community to steal crypto from their victims. According to Kaspersky Labs, in 2017, $10M worth of cryptocurrencies were lost due to social engineering attacks. These attacks include creating phishing websites and sending phishing emails to get access to a victim's personal information to hack into their crypto wallets.