Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
64,450
32,281


Apple this month refreshed the security support document that provides iPhone, iPad, and Mac users with tips on how to recognize and avoid social engineering schemes like phishing messages and fake support calls.

iPhone-12-Security-Feature.jpg

The updated information follows recent reports of "smishing" attacks targeting Apple IDs. Malicious actors have been sending out SMS text messages that attempt to get users to provide their Apple ID usernames and passwords on a fake iCloud website.

Apple's guidelines provide key information that all users should be aware of to protect themselves, such as a recommendation to ignore messages with suspicious links. Apple says that it will not ask for Apple ID passwords or verification codes, and users should contact Apple directly rather than answering a suspicious phone call or message claiming to be from Apple.

Further, Apple will not ask users to log into any website, to tap Accept in the two-factor authentication dialog, or to enter a two-factor code into a website. Apple will also not request that users disable features like two-factor authentication, Find My, or Stolen Device Protection. Apple's security tips:
  • Never share personal data or security information like passwords or security codes, and never agree to enter them into a webpage that someone directs you to.
  • Protect your Apple ID. Use two-factor authentication, always keep your contact information secure and up to date, and never share your Apple ID password or verification codes with anyone. Apple never asks for this information to provide support.
  • Never use Apple Gift Cards to make payments to other people.
  • Learn how to identify legitimate Apple emails about your App Store or iTunes Store purchases.
  • Learn how to keep your Apple devices and data secure.
  • Download software only from sources you can trust.
  • Don't follow links or open or save attachments in suspicious or unsolicited messages.
  • Don't answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through official support channels.
Scammers will go to great lengths to get personal information, so Apple recommends watching out for tricks like creating a sense of urgency through scare tactics like stolen personal information or unauthorized charges. Scammers are after login information and security codes, so that information should not be entered on a website accessed through a link in a text or an email.

Apple also warns against downloading unrecognized, unsafe software and configuration profiles and following instructions on pop-ups. Users who receive a pop-up should ignore the message and close the entire window or tab.

Apple has further instructions on how to spot social engineering schemes, the forms those schemes can take, and how to report suspicious emails, messages, and phone calls. There is a separate support document on what to expect from Apple Support and the kinds of information Apple will not request.

Article Link: Apple Gives Tips on Avoiding Phishing Scams Amid Warnings of New SMS Threat
 
  • Like
Reactions: jz0309

Fuzzball84

macrumors 68020
Apr 19, 2015
2,462
5,705
Fishing scams have proliferated but I still don’t see many people down at the pier or by the lake these days.so I have no idea how so many people are getting scammed when participation is down 🤔

In all seriousness… only visits sites you trust, download from sites you trust and never take a risk if something doesn’t feel right.
 
  • Like
Reactions: tshane

Realityck

macrumors G4
Nov 9, 2015
10,725
16,125
Silicon Valley, CA
Took a week for this news to show up on most press/news services

original source July 2nd. (link was in the OP)

Copy Link
Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple's strong brand reputation makes users more susceptible to trusting deceptive communications that appear to be from Apple, further enhancing the attractiveness of these targets to cybercriminals.
These campaigns are mostly conducted via email although increasingly also through malicious SMS. A very recent case saw a threat actor distributing malicious SMS messages in the United States.
Observed malicious SMS:

  • Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.
Typically, smishing actors restrict access to their malicious websites to users on mobile browsers and specific regions to evade detection by monitoring systems. However, in this instance, the malicious website is accessible from both desktop and mobile browsers. To add a layer of perceived legitimacy, they have implemented a CAPTCHA that users must complete. After this, users are directed to a webpage that mimics an outdated iCloud login template.
 

now i see it

macrumors G4
Jan 2, 2002
10,914
23,139
The scams always follow the same game plan. They’re easy to spot.

Always starts out with some sort of threat to create fear and anxiety.
In the past there were some that claimed you had come into tins of money.
Then -always- there’s a link that they provide to “fix” the problem or just a phone number.

Is it a Scam?
Threat or ridiculous + link = yes.
Easy.
 

JosephAW

macrumors 603
May 14, 2012
6,121
8,200
Turn off link preview. That way you can hover on a link to see what it is. :rolleyes:
 

macfacts

macrumors 603
Oct 7, 2012
5,016
5,974
Cybertron
I thought messages go through apple servers, can't apple see one number is "robo calling" people and just block those messages.
 

ifxf

macrumors 6502
Jun 7, 2011
488
764
Another reason not to put all your eggs in 1 basket. Only use Apple for devices and software. Use other companies for email, banking, cloud, streaming, music, etc.
 

The_Gream

macrumors regular
Jul 16, 2020
226
546
Good thing I am good and paranoid (not sure if it is from all the humans I have been around in life or EVE Online), but I avoid pretty much every weird text or email.

Though I do try to have fun with those crazy “Oh I am so sorry. my secretary must have typed the number in wrong.” All the text come across as if written by a non native English person. I now tell them I am a luft balloon pilot for a company that transports hogs. Flying Pigs or Hog High.
 

anthony131

macrumors member
Apr 17, 2021
36
66
Why don’t they send these sorts of announcements out via email? This is the first I’ve heard of such events. Would love my colleagues and family to be made aware of this.
 
  • Like
Reactions: EedyBeedyBeeps

coolfactor

macrumors 604
Jul 29, 2002
7,269
10,076
Vancouver, BC
Would be good if Apple could do their part.

iCloud, Apple TV+, software/rental purchases: email from no_reply@email.apple.com with Apple logo and blue verified checkmark. Great!

Hardware purchase: dodgy looking email from au_cons_do_not_reply@asia.apple.com, no evidence to suggest it's legitimate even though it is. Gmail understandably sends such emails to spam folder.

The "apple.com" root domain is pretty good evidence that it's legit, although there are sneaky ways around that, too.
 

johannnn

macrumors 68020
Nov 20, 2009
2,255
2,413
Sweden
Download software only from sources you can trust.
And this is why I, as a European, will never install Epic Store or Alt Store or Optional Store och Shift Store or whatever all thousand different stores will be called.

Great supporting document btw. I should give it to my less tech savvy family and grand parents.
 
  • Like
Reactions: iMean and rbbloom99

madmin

macrumors 6502a
Jun 14, 2012
695
4,029
Smish smash I was taking a bath
On about a Saturday night
Rub dub just relaxing in the tub
Thinking everything was alright
Well I stepped out of the tub
Put my feet on the floor
Wrapped my Vision Pro around me
and it opened the door, and then a
Smish smash I jumped back in the bath
Well how was I to know a third party app store was allowed
There was a smishing and a smashing, reeling with the feeling
Moving and grooving, wheeling and a stealing, yeah
 
  • Haha
Reactions: Porco

Jonnod III

macrumors member
Jan 21, 2004
99
55
I have an email address only used for my Apple ID. So all the phishings sent to my main email address are obviuos.
 

Strebor

macrumors member
Sep 15, 2022
42
100
It's time Apple mail and iMessage start to investigate URLs in mails. If www.ups.com is visible, but the link goes to some a different domain, like to.com/234567890 then it's obvious there is something phishy going on and the mail is a phishing mail. Apple Mail and iMessage should put a warning beside the URL. Also allow me to configure what to do with such mails (send to spam, or just put a warning sign beside URLs).

This also goes for mail services like Google Workspace, Gmail. Microsoft 365, Outlook, Yahoo and others.
 

Strebor

macrumors member
Sep 15, 2022
42
100
More proof that everything in the Universe exists in balance. For every good person, there appears to be an evil one. 🤪
I think there are a lot more good ones than evil ones.
It's just that some of the evil ones manage to get more power than is good all.
 

polyphenol

macrumors 68000
Sep 9, 2020
1,948
2,323
Wales
Just this morning, I had a phone call from a withheld number. I get very few calls so thought it possibly genuine but entirely prepared to terminate.

It was a genuine call from my water company.

Why do companies still withhold numbers? Just a generic presentation number would be so much more sensible.

(When I used to get lots more calls, I'd not even answer such calls.)
 
  • Like
Reactions: kc9hzn

softeky

macrumors newbie
Feb 23, 2009
9
1
Apple will also not request that users disable features like two-factor authentication, Find My, or Stolen Device Protection.

Thanks for the article. Apple does, however, request that Find My is disabled when an Apple Watch is unpaired and moved to a different account. Not a completely surprising request for this particular task though. This step is probably not automated to better thwart device theft as this step also requires the provision of an ID account password.
 

Apple_Robert

Contributor
Sep 21, 2012
34,981
51,008
In the middle of several books.
It's time Apple mail and iMessage start to investigate URLs in mails. If www.ups.com is visible, but the link goes to some a different domain, like to.com/234567890 then it's obvious there is something phishy going on and the mail is a phishing mail. Apple Mail and iMessage should put a warning beside the URL. Also allow me to configure what to do with such mails (send to spam, or just put a warning sign beside URLs).

This also goes for mail services like Google Workspace, Gmail. Microsoft 365, Outlook, Yahoo and others.
I don’t want Apple reading my email regardless of the cause.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.