Telephone phishing scams (also known as Vishing Scams) have been around for ages, and robocalling has been on the rise recently. Companies are taking a stand and improving their cybersecurity against these annoying scam attempts, and one company that is currently involved in a particularly dangerous phone scam is Apple.
This scam that is making the rounds involves an “Apple Support Agent” contacting an Apple user to alert them of their account being part of a data breach. The attempt is done through a spoofing technique to impersonate the real Apple support telephone number, showing as 1 (800) MYAPPLE or 800-275-2273 on non-Apple devices, but is a bogus call coming from Pakistan that advises you to call an 866 number for support.
Even more dangerous, on Apple devices the caller ID of the scammer will either show as “Apple Customer Service” or “AppleCare” and has the Apple Logo as its avatar, giving the illusion that the call is legitimate. If the call is answered or the 866 number is called, an automated service prompts you to enter 1 to speak with someone about your account, hoping that you give the scammer your iCloud or Apple ID account information.
Apple is strengthening their battle against scam calling not only by advising users to not answer phone calls from Apple Support impersonators, but by adding a new feature to iOS 13 that uses Siri intelligence to detect unknown calls and banish them straight to voicemail. The new feature is slated to be available this fall.
Just like the IRS would never call you about the status of your taxes, Apple will never make an unsolicited phone call to warn you about your account. In fact, one of these scammers attempted to call our owner multiple times in a single day, but thankfully we are aware of this kind of phishing scam and hope that now you are as well. If you are concerned about the status of your Apple account, contact the company directly for assistance.
Stay vigilant! For more information on how to protect yourself from phishing attacks such as this, visit our War on Cybersecurity page.
*Image Credit: Krebs on Security