Malcolm Owen
A tech YouTube personality was recently the target of an attempted phishing attack, recounting on Twitter how a phone caller impersonated Apple to try and gain access to his iCloud account.
Like many other big companies, Apple's services has become a target for con artists and scammers, who try numerous ways to gain control of user accounts. In one retelling of an attack that took place on Saturday evening, a YouTube personality offers how a phone call attempting a scam took place.
Called at 7:13pm on Saturday, John Rettinger of The Apple Circle received multiple alerts on their phone about two-factor authentication, according to a video posted to Twitter. Rettinger didn't make the request as it was someone else trying to get into his iCloud account, so he declined the code request prompts, and changed his password via his iPhone.
Rettinger then received a phone call, spoofed to make it look like it was coming from Apple itself. The caller, claiming to represent Apple, mentioned they noticed fraud on the account, two attempted password resets, followed by a password reset, and that they were calling to make sure he "was okay."
After stating the attempts stemmed from Vancouver, Canada when Rettinger was in California, the caller then said they wanted to enroll him into "advanced protection," described as a "freeze" on resets on the account "to make sure that you're safe."
The caller then said they would need Rettinger to read out a one-time code to them, a request that was a major red flag for the tech personality. "Never read a code to anybody over the phone," warns Rettinger.
While not mentioned, the "one-time code" was probably the two-factor authentication code prompt that kept appearing on the iPhone.
This just happened. Attempted iCloud hack. Be vigilante. @Apple pic.twitter.com/qtXABIL9vq
— Jon Rettinger (@Jon4Lakers) September 4, 2022
After telling the caller he didn't feel comfortable reading a one-time code over to a supposed Apple employee and asking if there was another way to do it, the caller then hung up.
Rettinger concludes the video by describing the scam attempt as "pretty advanced," warning his followers to be on the look out for it. He ends the video with a request asking "Apple, if you're watching, fix this?"
Apple offers support for many different scams and phishing attempts on its website, including covering calls. Warning that caller ID usually shows a spoofed phone number for Apple, the scams tend to claim there's suspicious activity on an account or device, and could use flattery, incentives, and threats to secure account credentials.
Apple warns users that, if they receive an unsolicited or suspicious phone call from someone claiming to be Apple or Apple Support, to "just hang up." Users in the United States are also advised to report the scam calls to the FTC, or to their local law enforcement agency.
Owners of iPhones may also want to investigate the various ways spam calls and texts can be minimized or blocked automatically, as a way to cut the chances of being caught up in the fraudulent calls.
Amber Neely
Andrew Orr
William Gallagher
Christine McKee
AppleInsider Staff
Chip Loder
15 Comments
This guy is a pretty cool customer. I think a small number of less savvy iCloud users would have succumbed to this attack. This is yet another reminder to be wary of taking any action on any security related solicitations of any kind that you did not initiate, regardless of who the solicitation is coming from or the subject matter, e.g., online services, financial relationships, personal accounts of any sort, etc.
It’s getting harder every day trying to deal with this stuff. Relaying stories related to any new attack strategies that are in the wild here on AppleInsider is very useful for your readers. It won’t end anytime soon, but thanks anyway.
I’m very glad to know about this. Here in Europe I’ve been deluged by callers who say they’re from Microsoft and want access to my computer. It seems like an obvious scam, but a friend fell for it, gave them access, and they drained his bank account of thousands of euros.
"Apple, if you're watching, fix this?"
I seriously doubt Apple was watching. And what exactly can Apple do? Isn't the spoofing done via the carrier network?
An elderly couple that I assist constantly get alerts from "Amazon." The simplest solution is hanging up and calling Amazon (or whomever the scammer is claiming to be calling from) to verify any "suspicious activity under your
account." And just use common sense.
I've gotten texts from CitiBank about suspicious activity with my account. Which is hilarious as I closed by CitiBank accounts nearly 30 years ago and haven't looked back. Again, use common sense folks. Abort & Report.
People, even old people, are generally reluctant to give information to anyone who arrives at their door. But I wonder why they are far less reluctant to give out information when contacted via computer or phone.
We have public service announcements to stop people from lighting fires outdoors. Maybe we need public service announcements telling people not to respond to calls, text or emails. Any benefactor out there want to help? I hear Bill Gates like to provide support for public education.
Are used to get Robocalls like that but they now seem to have thinned out. Probably no phone numbers to spoof.