Phishing scam in iCloud

Online scammers seem to be targeting Apple users

Enterprise network security experts have discovered a huge phishing campaign aimed at iPhone users. However, this time the campaign is not limited to a specific geographical area. In fact, this is an iOS phishing scam that exploits iCloud email addresses to try to deceive users of iPhone devices.

The iCloud users are targeted by this campaign. Enterprise network security researchers comment that the scam begins when a phishing email is delivered to an iCloud account; text in phishing emails is similar to Apple‘s legitimate emails.

E-mail alerts receivers that their Apple device is “blocked due to illegal activity”. Therefore, users are confused and click on the link attached to the mail. Links redirect users to fake websites spoofing Apple technical support. Moments later, the fake website asks the iCloud user to immediately call to the “Apple Care” line to solve the problem.

The person answering the call (impersonating an Apple employee) convinces the phishing victim that the only way to unlock the iOS device is by installing malicious device control software. This allows hackers to install the apps into the user’s devices, whether it’s an iPhone or an iPad.

According to experts in enterprise network security, PC and MAC users have always been targets of this kind of scams. However, now that many of us use a mobile device primarily, hackers continue to look for new methods to take advantage of that situation.

The “Apple Care” fake technical support scam is still active; the websites that are used for the scam are still online, although browsers like Chrome and Safari have already identified these sites as malicious. This means that people who visit them will receive a warning when they are redirected to any of these websites.

However, enterprise network security experts from the International Institute of Cyber Security commented that the most relevant advice to remain safe from these scams is to verify if the emails or the contact phone number they receive are genuine before click on any of the links. Also, it should be mentioned that Apple does not block devices under any circumstances.