Apple accounts hacked in phishing, used for purchases

Science

17 Oct 2018

Apple accounts compromised in phishing hacks, used for purchases

Nearly a week ago, some Chinese iPhone users revealed cases of money being stolen from their Apple accounts.

They got payment notification for unauthorized App Store purchases at odd hours, leading many to think that some Apple IDs have been stolen.

Now, Apple has confirmed that this was the result of a phishing scam.

More details follow.

Apology

Apple 'deeply apologetic' for the hack

Apple 'deeply apologetic' for the hack

In a statement to the Wall Street Journal, Apple apologized to the victims of the scam.

The company didn't reveal specific details of the attack but said only "a small number of our users" who didn't have two-factor authentication enabled were affected.

"We are deeply apologetic about the inconvenience caused to our customers by these phishing scams," its statement read.

Details

Hackers used connected accounts for payment

On gaining login details, the hackers made App Store purchases by using already connected payment options - Alibaba's Alipay and Tencent's WeChat Pay.

Hundreds of dollars, with a maximum 2,000 yuan (Rs. 21,000), were spent on purchases, leading to complaints from both companies.

The total amount spent still remains unclear, but sources say Apple will be refunding the money to the affected users.

Love Tech news?

Stay updated with the latest happenings.

Yes, notify Me

Apple's advice to prevent such issues

While apologizing for the scam, Apple also requested users to enable two-factor authentication - where login is approved with a verification code received on mobile - to prevent such incidents from happening in the future.

Share this timeline

Share this timeline

Ask NewsBytes
User Image

Next Timeline