A tech YouTube personality was recently the target of an attempted phishing attack, recounting on Twitter how a phone caller impersonated Apple to try and gain access to his iCloud account.
Like many other big companies, Apple's services has become a target for con artists and scammers, who try numerous ways to gain control of user accounts. In one retelling of an attack that took place on Saturday evening, a YouTube personality offers how a phone call attempting a scam took place.
Called at 7:13pm on Saturday, John Rettinger of The Apple Circle received multiple alerts on their phone about two-factor authentication, according to a video posted to Twitter. Rettinger didn't make the request as it was someone else trying to get into his iCloud account, so he declined the code request prompts, and changed his password via his iPhone.
Rettinger then received a phone call, spoofed to make it look like it was coming from Apple itself. The caller, claiming to represent Apple, mentioned they noticed fraud on the account, two attempted password resets, followed by a password reset, and that they were calling to make sure he "was okay."
After stating the attempts stemmed from Vancouver, Canada when Rettinger was in California, the caller then said they wanted to enroll him into "advanced protection," described as a "freeze" on resets on the account "to make sure that you're safe."
The caller then said they would need Rettinger to read out a one-time code to them, a request that was a major red flag for the tech personality. "Never read a code to anybody over the phone," warns Rettinger.
While not mentioned, the "one-time code" was probably the two-factor authentication code prompt that kept appearing on the iPhone.
This just happened. Attempted iCloud hack. Be vigilante. @Apple pic.twitter.com/qtXABIL9vq
-- Jon Rettinger (@Jon4Lakers) September 4, 2022
After telling the caller he didn't feel comfortable reading a one-time code over to a supposed Apple employee and asking if there was another way to do it, the caller then hung up.
Rettinger concludes the video by describing the scam attempt as "pretty advanced," warning his followers to be on the look out for it. He ends the video with a request asking "Apple, if you're watching, fix this?"
Apple offers support for many different scams and phishing attempts on its website, including covering calls. Warning that caller ID usually shows a spoofed phone number for Apple, the scams tend to claim there's suspicious activity on an account or device, and could use flattery, incentives, and threats to secure account credentials.
Apple warns users that, if they receive an unsolicited or suspicious phone call from someone claiming to be Apple or Apple Support, to "just hang up." Users in the United States are also advised to report the scam calls to the FTC, or to their local law enforcement agency.
Owners of iPhones may also want to investigate the various ways spam calls and texts can be minimized or blocked automatically, as a way to cut the chances of being caught up in the fraudulent calls.