New Phishing Scam Disguises Voice Calls to Look Like a Real Apple Support Call

Unfortunately, phishing scams aren’t going anywhere anytime soon. And, worse, some of them are pretty effective in their game to misguide potential victims.

The newest scam was briefly profiled by TechCrunch on Friday, and it’s alarming at how sneaky it is at face value. As detailed in the original report, this new phishing scam is a voice call, and it’s disguised behind the guise of an actual Apple Support call. You can see it in action in the photo below.

Apparently, Jody Westby got a call from what appeared to be Apple Support. The information that came along with the incoming number even said as much. The person told Westby to give Apple Support a call back, which was actually tied to an 866 number. Westby called back and things were immediately off:

“KrebsOnSecurity called the number that the scam message asked Westby to contact (866-277-7794). An automated system answered and said I’d reached Apple Support, and that my expected wait time was about one minute and thirty seconds. About a minute later, a man with an Indian accent answered and inquired as to the reason for my call.

Playing the part of someone who had received the scam call, I told him I’d been alerted about a breach at Apple and that I needed to call this number. After asking me to hold for a brief moment, our call was disconnected.

No doubt this is just another scheme to separate the unwary from their personal and financial details, and to extract some kind of payment (for supposed tech support services or some such). But it is remarkable that Apple’s own devices (or AT&T, which sold her the phone) can’t tell the difference between a call from Apple and someone trying to spoof Apple.”

The methodology here is what’s disturbing, because it allows an exploit to pollute search results with bogus information, which can then be tied to a number to make what is normally an authentic number lead to something malicious.

In this case, when it comes to a support line, the obvious way to know that you’re probably the target of a scam is the fact that support staff aren’t typically going out of their way to call owners of a device to let them know their device is broken. Owners usually have to call in for that type of assistance.

Still, it’s good to be aware that this particular scam is going around.

[via TechCrunch; Krebs]

Like this post? Share it!

Comments

Post a Comment

Popular posts from this blog

iPhone XR IP67 Water-Resistant Rating Explained: Here’s What It Really Means

Image
Despite costing almost $250 less than the iPhone XS , the iPhone XR offers almost the same set of features and experience as its more expensive sibling. Apple does make a few compromises to reach that $749 price tag of the iPhone XR including a downgrade to IP67 certification. While the iPhone XS and iPhone XS Max come with IP68 certification, the iPhone XR features an IP67 certification. That’s not bad by any means and the same as iPhone 8 and iPhone X from 2017 . But what exactly does the IP67 certification mean? Read below to find out. What IP Certification Really Means The IP certification guideline has been defined by the IEC 60529 standard which provides an Ingress Protection a.k.a IP rating to all consumer devices for their dust and water-resistance capabilities. The ‘6’ in the IP67 rating of the iPhone XR denotes its dust-resistance capabilities, while the ‘7’ denotes its water-resistance capabilities. While 6 is the highest dust-resistance rating ...
Read more

Class Action Lawsuit Against Apple Over Spectre and Meltdown Vulnerabilities Gets Dismissed

Image
The hardware vulnerabilities Spectre and Meltdown were big deals leading into 2018, but it looks like Apple will avoid major legal action in regard to a class action lawsuit filed against the company. If you’ll recall, a class action lawsuit was filed against Apple in January of 2018 , with the complaint at the time saying, “Apple knew about the Spectre and Meltdown security defects as early as June of last year, and, as such, did not inform its customer base in a meaningful timeframe. In addition to that, the complaint states that Apple cannot implement a fix for Spectre and/or Meltdown without heavily impacting the performance of those processors”. Apple, for its part, did patch the issue for both iOS devices and macOS machines out in the wild, but that did little to assuage folks affected by the issue in the first place. Which led to that lawsuit. However, AppleInsider is reporting on Friday that the litigation against Apple has been dismissed due to a “lac...
Read more

Carriers Say They Will Close Access to Customer Geo-Location Data to Third-Parties

Image
One of the pieces of the giant data puzzle that carriers are able to routinely obtain from a smartphone on its network is geo-location, but unfortunately for customers that data hasn’t been handled all that well. In a report from The Verge , two of the three wireless carriers that were specifically named in a recent in-depth report regarding the misuse of customer geo-location data have responded in a hopefully meaningful way, indicating that change is (finally) coming. As a quick recap, it was recently reported this week by Motherboard that all it took was paying $300 to a bounty hunter and supplying a phone number to track down a device, and its owner, to a specific location. That bounty hunter picked up the data, which required no hacking at all, from a third-party company called Zumigo, which was providing data access from major phone carriers by way of another company called Microbilt — which has been offering its services to several companies for quite some time. The ...
Read more