Apple has warned iPhone users to be on their guard against a new ‘smishing’ (SMS phishing) scam where the perpetrators are posing as Apple. The scam involves the scammers contacting iPhone users with the excuse of needing to sort out a login issue.
The targeted users are sent a URL which actually leads to a fake iCloud phishing page with the intention of stealing the user’s login details, accessing their account, and stealing other personal details and financial information.
Apple has warned that criminals are now using sophisticated versions of social engineering tactics like phishing in the form of fraudulent emails, misleading pop-ups and ads, scam phone calls or voicemails (impersonating Apple Support or Apple partners), fake promotions, and unwanted calendar invitations and subscriptions.
Apple has issued advice on a support page of how users can protect themselves. The advice includes the suggestion that if customers are suspicious about an unexpected message, it’s best to assume it is a scam and to contact that company directly if they need to. Other key pieces of advice suggest that users should never share personal data or security information (e.g. passwords or security codes), protect Apple ID’s (with 2FA), and it’s also suggested not to use Apple Gift Cards to make payments to other people.