APPLE has urged iPhone owners to keep their eyes open for five red flags that indicate signs of a scam.
It comes as a new SMS attack targeting Apple customers spreads across the US.
1
In a recently updated security support page, Apple explains that phishing is a common tactic in social engineering.
The practice is intended to make you reveal important information about yourself, which in turn will be used to deceive you.
Scammers will use any means they can to trick you into sharing information or giving them money, according to Apple, including:
- Phishing emails and other messages that appear to be from legitimate companies, including Apple.
- Fraudulent pop-ups and ads that say your device has a security problem.
- Scam phone calls or voicemails that impersonate Apple support, Apple partners, and other well-known or trusted entities or individuals.
- Fake promotions offering free products and prizes.
- Unsolicited Calendar invitations and subscriptions.
“If you suspect an unexpected message, call or request for personal information such as your email address, phone number, password, security code or money, it’s safer to assume it’s a scam – contact that company directly if should”, writes Apple.
Avoiding these five red flags will help protect Apple customers from phishing campaigns like the one currently trying to steal Apple IDs.
A new phishing campaign involves Apple customers receiving an SMS message saying something along the lines of: Apple iCloud Important Request: Visit Login[.]auten-link[.]info/icloud to continue using your services.
The link goes to a malicious website with a fake iCloud login template that will send your email and password directly to the scammers.
Apple has reminded customers of eight dos and don’ts to avoid scams targeting your account and devices, including:
- Never share personal data or security information such as passwords or security codes, and never agree to enter it on a website where someone directs you.
- Protect your Apple ID. Use two-factor authentication, always keep your contact information safe and up-to-date, and never share your Apple ID password or verification codes with anyone. Apple never asks for this information to provide support.
- Never use Apple gift cards to make payments to others.
- Learn how to identify legitimate Apple emails for your App Store or iTunes Store purchases. If you send or receive money with Apple Cash (US only), treat it like any other private transaction.
- Learn how to keep your Apple devices and data secure.
- Only download software from sources you can trust.
- Do not follow links or open or save attachments in suspicious or unsolicited messages.
- Do not answer suspicious calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels.
If you believe that your Apple ID has been compromised, it is recommended that you change your Apple ID password immediately.
If you may have entered your password or other personal information on a fraudulent website, you should also change your password.
Apple also urged customers to ensure that two-factor authentication is enabled on their accounts.
What is phishing?
Here’s what you need to know:
- Phishing is a type of online fraud
- It is usually an attempt to capture some of your data
- Phishing generally involves scammers posing as a trustworthy entity
- For example, fraudsters may send you an email pretending to be your bank, asking for details
- Scammers can also create fake websites that look like the real thing, just to trick you.
- Phishing can be done through email, social media, texts, phone calls, and more
- The best defense against phishing is to be generally skeptical of web links and emails, especially if they were unsolicited