This phishing scam targets iPhone users to steal Apple ID
What's the story
The Indian Cybercrime Coordination Centre's National Cybercrime Threat Analytics Unit (I4C) has issued a warning about a sophisticated phishing scam. The scam targets iPhone users who have lost their devices. Scammers impersonating Apple Support are sending fake messages with malicious links to steal your Apple ID and OTP. This allows them to access your account and remove your device. Always verify links and use Apple's official 'Find Devices' service for recovery.
Scam details
Scammers exploit victims' urgency to locate or secure missing device
The I4C, which operates under the Union Home Ministry, said that fraudsters are exploiting victims' urgency to locate or secure their missing device. These scammers send messages that closely resemble legitimate 'Find My iPhone' or Apple Support notifications. The deceptive messages redirect users to counterfeit Apple login pages designed to steal their Apple ID credentials and One-Time Passwords (OTP).
Account breach
I4C advises users to avoid clicking links in unsolicited messages
Once the attackers compromise an account, they gain unauthorized access and remove the linked Apple ID from the stolen device. The I4C has advised users to avoid clicking links received via SMS (especially from international SMS Headers) or unsolicited messages. It also stressed checking the URL carefully before entering credentials and using only Apple's official "Find Devices" service page for recovery.
MHA alert
MHA issues advisory regarding phishing scam
The Ministry of Home Affairs (MHA) has also issued an advisory regarding the phishing scam. The fake Apple Support messages mislead users into thinking their lost devices have been temporarily disabled or need immediate action to erase sensitive data. The advisory emphasizes the need for users to be cautious and not click on suspicious links or share personal information through such messages.