Apple Phishing Scams Growing More Advanced, With Latest Spoofing Apple Phone Numbers

[MacRumors]

Phishing scams attempting to get info out of Apple users are nothing new, but scammers are growing more clever and scams are getting harder to distinguish from actual Apple communication.

On his Krebs on Security site, security researcher Brian Krebs today outlined one of the latest phishing scams he's seen, where an incoming phone call appears to be from a legitimate Apple support line.

As described by Krebs, Jody Westby, CEO of security consulting firm Global Cyber Risk, received an automated call on her iPhone warning her that services containing Apple user IDs had been compromised.

The message asked her to call a 1-866 number, and in the Phone app, the call looked like a call from Apple, with the number listed as 1(800)MYAPPLE, the name listed as Apple Inc., and with Apple's Infinite Loop website.

Westby contacted Apple support via the official Apple Support page and asked for an employee to contact her. She was assured that the call was not legitimate, but when looking in her recent calls list, she saw that real support call had been lumped in with the fake call.

Original scam call info on the left, with scam call info lumped in with actual Apple support call on right.​

The scammers spoofed Apple's phone number and the iPhone was unable to distinguish between the real and fake calls, making it look like Westby had, in fact, been contacted by Apple multiple times, when that was not the case. Westby told Krebs that this is a convincing scam that people may fall for.

"I told the Apple representative that they ought to be telling people about this, and he said that was a good point," Westby said. "This was so convincing I'd think a lot of other people will be falling for it."

Krebs went ahead and called the number that the scammers had asked Westby to call, where an automated system claimed he had reached Apple Support. A minute later, a person came on the line and asked about the reason for the call. Krebs responded that he was told to call about a breach at Apple, was placed on hold, and the call disconnected with no resolution.

A similar report hit Twitter this morning from Fantastical developer Michael Simmons, who says he received a scam phone call that also spoofed Apple's number.

I just got a scam call from "Apple" with their caller ID spoofed! The voicemail was their robodialer, so it got clipped off, but I heard "So not perform any online activities. Press 1 to speak with an AppleCare agent."Be careful out there!!https://t.co/FqeYG8lvd9 - Michael Simmons (@macguitar) January 4, 2019

Krebs believes scammers are aiming to obtain personal and financial details from Apple users to get payment, perhaps for tech support services. As he rightly points out, it is both shocking and concerning that Apple devices are unable to tell the difference between a legitimate call from Apple and someone attempting to spoof Apple.

With these kind of phone-based scams, it's a good idea to disconnect the call and get in touch with Apple via the actual support site to avoid being fooled. Apple support does not cold call users in this manner, so these calls are almost always fake, but scammers are skilled social engineers and people do fall for these scams.

Apple has a dedicated support page with information on how to avoid fake support calls, phishing emails, and other scam techniques that malicious individuals employ to extract information from Apple users.

Article Link: Apple Phishing Scams Growing More Advanced, With Latest Spoofing Apple Phone Numbers

 

[ravenstar]

Why is it surprising that a phone can't tell the difference between caller id information that's fake and caller id information that's legitimate? It's indeed troubling that caller ID spoofing is so common, but this is common to all phones the display caller ID information and is something the carriers need to resolve.

 

[Shiro_Simba]

That’s the problem when you get popular !

Though , Apple is the best for security , so I will not be leaving them any time soon

 

[centauratlas]

Incorporating built-in call spoofing protection and the ability to block unknown callers would go a long way to help.

Getting rid of SS7 as the back end and going end-to-end encrypted and verified will be the long term solution to stopping this. That would have the added benefit of preventing all kinds of espionage and eavesdropping on everyone's phone calls.

 

[Enclavean]

Jesus, that would probably have fooled me all the way until they asked for passwords/credit card

 

[itsmilo]

Is the whole scam calling stuff an US thing? I don’t think I ever had a call I did not know who it was on my phone. Two days in Miami with a local prepaid sim and I got random calls from Cuba DAILY

 

[Ankou_Sabat]

These fake/spoofed caller ID calls and robo calls would end tomorrow if they would fine the carriers; AT&T, Verizon, Sprint, et all for facilitating the transfer. The day after that gets announced, you'll see how fast those guys fix and end this garbage once and for all.

 

[kazmac]

Yes, I got one of those your “iCloud account has been breached” calls last Sunday. Hung up on it. I do not use iCloud.

I immediately reported that call to Apple.

They try every so often, but I know the only way I get a call from Apple support is if I call in first with an issue.

 

[riverfreak]

I’ve never understood why there isn’t a simple whitelist function. I don’t want ANYONE outside of my contacts sending me email or texts, or calling me. Is it too much to ask to block people you don’t know from contacting you?

 

[AngerDanger]

You could really mess with phishers by saying, "I'm kinda busy, so lemme call you back in a little while. I'll just look up the Apple support number online… unless there's some reason I can't just use Apple's official site to contact you."

 

[StandingGoose]

I’ve never understood why there isn’t a simple whitelist function. I don’t want ANYONE outside of my contacts sending me email or texts, or calling me. Is it too much to ask to block people you don’t know from contacting you?

Settings -> Do Not Disturb -> Allow Calls From -> {Everyone, No One, Favorites, All Contacts, ...}

 

[Ankou_Sabat]

I’ve never understood why there isn’t a simple whitelist function. I don’t want ANYONE outside of my contacts sending me email or texts, or calling me. Is it too much to ask to block people you don’t know from contacting you?

Whitelisting/blacklisting doesn't do anything to stop these calls because its based on caller ID which is often faked. I've been called by robo/scammers with my *own* phone number as the caller ID. There is no reason that at the absolute very least the carriers cannot weed out most if not all of these by checking against their own pool of phone numbers against the caller ID before the transfer is even made.

 

[Pirate515]

Why is it surprising that a phone can't tell the difference between caller id information that's fake and caller id information that's legitimate? It's indeed troubling that caller ID spoofing is so common, but this is common to all phones the display caller ID information and is something the carriers need to resolve.

I don't think any phones are designed to look at incoming calls at deeper level, which is why the flood or robocalls in general in the first place. So until a system gets implemented that will be able to compare to insure that the number shown on Caller ID is in fact the number where the call is coming from, these sorts of things will unfortunately persist.

The funny thing with this particular scam is that the con artists behind it rely on you actually answering the phone. Given that they are spoofing the legit AppleCare number, if you do not pick up when they call you and and call back later instead, you will in fact get the real AppleCare and they are SOL. The main thing to be on a lookout for just like with "Windows Tech Support" scams is that AppleCare will not call you out of the blue unless you have an existing case open with them, and if that be the case, they will greet you by your name and not be some generic phrase (e.g. Dear Customer). And if you are in doubt about whether you are talking to real Apple rep or not, you can always hang up and call back the number listed on Apple's website.

 

[Superhai]

Is the whole scam calling stuff an US thing?

It is worldwide, but I think US is more targeted as there are more people living there and as such the chance of success is higher. There is also a language thing. I lived in India some years ago and it was endemic, but the callers only spoke in hindi, which I don't speak so I di not understand what was said.

 

[Doomtomb]

Question is, how does the scammer know the number they are calling is an iPhone?

 

[Porco]

I think it's sensible advice (to both follow and give to others) to just not answer or engage with any incoming calls from anyone - shops, banks, service providers, anyone. Any that are genuine will not (or certainly should not) mind you calling them independently to ask if there is anything they need to know or ask.

 

[oldmanwinter]

Call spoofing needs to be stopped. The cons far outweigh the pros. Do something Congress, FCC, Apple, someone!
[doublepost=1546637949][/doublepost]

Question is, how does the scammer know the number they are calling is an iPhone?

They don't care. They can make calls in the millions. They're bound to hit a good percentage of iPhones.

 

[jonblatho]

That would have the added benefit of preventing all kinds of espionage and eavesdropping on everyone's phone calls.

Which is, of course, exactly why it'll never happen.

 

[Allpaul]

Apple is doomed..

 

[Superhai]

Any that are genuine will not (or certainly should not) mind you calling them independently to ask if there is anything they need to know or ask.

It is a tricky one, as is this case. The call is about possible breach, which if it was real could be important to follow up immediately, if Apple knew that action had to be taken. There are also legitimate reasons to call a customer if there are any other critical issues. Credit card companies routinely calls if there are suspicious transactions, airline calls if flights are changed or canceled. The solution is rather to change the underlying infrastructure.

 

[cloudyo]

Apple support does not cold call users in this manner,

Yes, they do. I got a call about about a post I made in their Support Forums. I was very suspicious at first but the things they already knew about me (like, the real identity and phone number behind my nickname) made me trust the guy on the other end. At the end he also gave me an apple.com address to send an error report to, so i am sure it was legit.

My point is: it happens.

 

[cppguy]

This is very common, unfortunately. I repeatedly get phishing scam calls from my bank, insurance company. The phone number seems legit, it's always the correct 1-800 number. They are asking for the last 4 digits of the social security number for "verification" purposes. If the real bank is calling, they never ask for such thing. They don't need to verify your SSN, Mother's name, digits of your cards, and so on. They may verify your address, and that's it. I would hang up immediately, and call the official number myself. Never provide any information to incoming callers!!!

 

[npmacuser5]

Amazes me that in Today's technology we cannot make a caller ID and or email work securely. A phone number/email address should be unique in the digital world. Lot of creative minds out there, put them to work.

 

[CPx]

I’ve never understood why there isn’t a simple whitelist function. I don’t want ANYONE outside of my contacts sending me email or texts, or calling me. Is it too much to ask to block people you don’t know from contacting you?

Unless you deleted it manually, the 1-800-MYAPPLE number used here is already in your contacts. It's in mine, anyway, and I never added it.

 

[joenruschia]

I get an average of four of these calls a day. It's annoying but it's been going on for at least a month now.