Phishing scams are targeting you
Apple users are no stranger to scams. While Mac operating systems were once less targeted by scammers, the growing popularity of iOS devices has led hackers to take aim at Apple users. A recent iPhone phishing scam, first reported by ArsTechnica and later picked up by Engadget, begins with an email made to look like an official Apple email. Users are then prompted to visit a website, which hijacks the phone and displays a dialogue box urging users to call Apple Care.
If users do dial-in, they are calling a scamming network that attempts to steal personal information from the user. Because users are using the dialogue box to connect to the phone number, it may seem very legitimate. Those who were scammed were instantly connected to a person identifying themselves as an Apple Care representative.
It is not known what type of information is being collected from users, and how that information is being used by the scammers, but similar phishing scams generally attempt to garner personal identifying information about users, including name, address, and credit card numbers.
How do Scammers Use Apple’s Weaknesses?
Every operating system has weaknesses in its security. In most cases, IT professionals work tirelessly to identify gaps and holes in their security and close them before hackers use them. These are security issues we never hear about, but every so often these weaknesses remain in place and hackers can exploit them. iPhone phishing scams follow the same progression.
Apple, for example, allows developers to create pop-ups within their apps. Most of the time, these pop-ups are used for marketing purposes, but nefarious developers can utilize pop-ups to prompt users to put in their personal information. This information can then be sold or used by the developer for unauthorized purposes.
This weakness is what current iPhone phishing scams are exploiting. Because the system allows developers to add popups, the scammer is utilizing that ability to create a fake dialogue box. Because the box appears directly on the phone, most users assume they are being prompted by the operating system, instead of a third party.
How Can You Protect your Information?
If you are using an Apple device, there are several ways for you to protect your personal information. Internet security experts suggest that every technology user must take an active role in protecting their data and that every email, dialogue box, or prompt should be investigated.
Try closing the app – If you have a system dialogue box pop up on your phone, close the program you are using. If the dialogue box is from Apple, the box will remain on your screen when you close the app. If the dialogue box closes when you close the app, you can assume it is a dialogue box created by a third party. You should not trust third-party dialogue boxes.
Do not put your information into dialogue boxes – If a dialogue box prompts you to submit your password, do not do it. Experts suggest going directly into your settings, checking the app, and inputting your password from settings. Entering your password into a pop-up may not be safe, and your password can be used to enter your account by a scammer.
Do not store your passwords on your phone – While it is convenient to store passwords on your phone, including those to your bank and most-used apps, experts suggest keeping your passwords offline. By storing your passwords, you are opening yourself up to potential problems if your operating system is overtaken by a hacker.
Call the Official Phone Number – If you are ever prompted to call a phone number, close the dialogue box, and instead, call the official Apple Care number. You can find the official number through a simple Google search. Dial the number in directly to your phone and discuss your issue with a representative. They will be able to tell you whether the request is legitimate, and what steps you may need to take to secure your account.
The Bottom Line
The most recent Apple phishing scams are not the first, and they won’t be the last. Scammers and hackers are always on the lookout to bypass the security of operating systems. In order to ensure your data and information is safe, you need to take an active role in your security. Remember, every request should be looked at carefully, and if you are not sure, don’t be afraid to call verified numbers and ask questions.