For those who don’t know what the term “phishing” refers to, it is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. Phishing has become increasingly prevalent in technology as time progresses, and as people begin to put more trust into technology and what they see on the internet.
A recent phishing scam that is affecting many people is a scam where someone calls pretending to be Apple’s “Apple Care,” that is formatted to look like a security alert. Apple has not commented or acknowledged the scam as of yet, however the scam has continued to grow and affect more people. This attempt is targeting email addresses associated with iCloud services by emailing a “critical alert” for a blocked sign-in attempt. In the email is a link to check account activity.
When you click that link, you’re taken to website that disguises itself as Apple’s own support website. You don’t actually get too far on that site, however, as iOS will immediately pop up with a system dialog box that prompts a call to “AppleCare.” Once connected with the AppleCare wannabe number, a “support” team member attempts to collect information. The name that has been used the most frequently appears to be “Lance Roger.”
This scam now prompts the question “What if this happens to me?” In the event that you are targeted by a phishing attempt, the simplest way to handle the situation is to not answer the phone if you do not recognize the number. A majority of people, who actually need to speak with you, will leave a voicemail. So far, no instances of the apple care scam leaving a voicemail have been reported. There are also resources from Apple on how to prevent phishing attacks in the first place.
Phishing scams are typically easy to recognize, when an email is sent from someone you know but it doesn’t sound like them, try looking at the address it was sent from. A widely used characteristic of a phishing email is to spoof an email address from someone’s contacts, and one or two characters will have been changed.
If you have any questions or concerns about phishing or any technology needs, contact Vigilant for a free infrastructure assessment!
Notify me of followup comments via e-mail