The latest scam targeting Apple device users is particularly insidious, appearing to come as a call from the company's real phone support number, according to a well-known security researcher.
Those affected are getting a message from a robodialer claiming their online ID has been compromised, Brian Krebs explained on Friday. Checking the iOS Phone app shows the caller as "Apple Inc." and the number as 1-800-MY-APPLE, just like AppleCare. In fact people who have recently been in contact with the authentic AppleCare will see scam calls listed under the same history.
One person targeted by the scam, Global Cyber Risk CEO Jody Westby, called the "1-866" number mentioned in the message, encountering first an automated system but then a real person, who ultimately placed Westby on hold before disconnecting.
Prior to that call Westby had got in touch with an AppleCare representative, who confirmed that the original call was a fake.
Krebs suggests that that as in most phishing incidents the scammers are likely baiting people into handing over personal details or to get direct payment for bogus services. While blocking the robodialer isn't an option for people who need to talk to Apple, the scam should nevertheless be easy to detect, since Apple doesn't cold-call its support clients and the reply number in the message isn't associated with the company.