contador web Saltar al contenido

New phishing scam puts user in touch with fake AppleCare operator

With the dizzying growth in the number of smartphones, these devices have become the main target of scams like the phishing, which aim to obtain important personal information, such as logins and access passwords. Unfortunately, we increasingly comment on these attacks and, this time, even if the target audience of the coup are owners of iPhonesMac and iPad owners are also susceptible.

As disclosed by the Ars Technica, that phishing directed to email addresses associated with iCloud, Apple's online service. In the email, the user is informed that an attempt was made to access their iCloud account, and that therefore the iPhone would be ?blocked due to illegal activity?. Also in the email there is a link to "Check activity", which directs you to a website with the similar appearance of Apple Support who already knows the nature of the attacks phishing, however, you would suspect the page from its URL.

Screenshot of fake Apple support page

It happens that the user does not waste much time on that site as soon as he opens the link, a status bar is loaded and then a popup appears on the screen informing a phone number to which the user must call in the process of having his device ?unlocked?.

Still according to the Ars, who proceeded in his simulation of someone who would be falling for the coup, the person who answered the call identified himself as ?AppleCare's Lance Roger?, however the fake attendant hung up before any other information about the scheme was revealed.

Screenshot of the number the user is induced to call

However, victims are not restricted to owners of iPhones. When the user accesses the applesecurityrisks.xyz page from another iOS device (such as the iPad) or even from a Mac, the ?Check activity? link displays another command, this time programmed to start a session via FaceTime.

Fake Apple Phishing Support page for macOS

According to Engadget, Apple refused to comment on the matter and pointed out those same tips that we already highlighted to avoid falling into scams that use fake emails and alerts from Apple. A company spokesman ensured that all registered hits are routed to the Federal Trade Commission (FTC, consumer protection agency in the USA) and that it always eliminates false numbers when it can.