Beware of the Apple Support Scam

Person holding a phone receiving a call from an unknown phone numberHackers have been impersonating Apple’s support team to scrape sensitive information from Apple users’ devices.
Here is all you need to know about the recent phishing scam.

How does this scam play out?
In this scheme, hackers spoof Apple’s support number and call iPhone users. The scammer claims the victim’s Apple iCloud account is compromised, hacked or showing suspicious activity. They’ll ask for the user’s login credentials and passwords so they can “fix” the problem. Their ultimate goal, though, is to gain access to the victim’s iCloud account.

Sometimes, the scam takes the form of an automated message sent to victims announcing that evidence of suspicious activity has been found in their iCloud account. Victims are instructed to call a specific number to reach “Apple Support.” Once victims make that phone call and are connected to a “representative,” they’ll be speaking to a scammer who is waiting to ask for their iCloud account credentials.

This scam often works because of the spoofing technology the hackers use to make it appear Apple Support is actually calling.

How do I know the caller isn’t really an Apple representative?
If you get a call like this, and you’re unsure if it is a legitimate Apple representative, it’s simple to find the truth. As soon as the caller starts asking for your Apple ID password, iCloud credentials or verification codes to provide you with support, you’ll know you’re talking to a scammer. Apple reps will never ask for any of this information over the phone.

What is Apple saying about this scam?
Apple has provided concerned Apple users with an article about phishing scams. The tech giant has also suggested users verify a caller’s identity before providing any personal information over the phone. As such, they’ve shared this crucial tip, “If you get an unsolicited call from someone claiming to be from Apple, hang up, and contact us directly.”

Apple also advises iPhone users to activate two-factor authentication as an added layer of protection.