Written byShubham Sharma
Phishing scams are fairly common on internet.
An attacker fakes a well-known company's web page and tries to fool an unsuspecting user into giving away their financial or personal details.
Here's all about it.
Recently, Jody Westby, the CEO of security firm Global Cyber Risk LLC, was targeted by the phishing scam in question.
She received an automated call that appeared to be from Apple, and was informed about a server breach.
It said multiple servers containing Apple IDs have been compromised and she had to call a specific 1-866 number before doing anything else on her device.
Prompted by the automated call, Westby visited Apple's support page and requested a callback.
After speaking to a real Apple customer support representative, she was sure that the previous call was actually a scam.
However, after hanging up, she noticed the worrying part: the fake caller's ID was tied to the legit call from Apple in the 'recent' list of her iPhone.
For both real and fake call, the 'recent' list displayed actual Apple information, including its real address in Cupertino, real support number, and the real website (although without 's' at the end of 'http'). This could have easily fooled anyone into believing the scam.
After the issue was flagged, KrebsOnSecurity called the number given to Westby to delve into the matter.
The call was answered by an automated system that claimed to be 'Apple Support'.
It was then transferred to a man, who inquired the reason for the call and hung up soon after he was told about the fake 'breach and Apple ID issue'.
Though the person answering the call hung up, the entire system appears to be designed for tricking users into paying for 'Apple' tech support.
The unwary user would think they are paying Apple for its support services, but the scammer would take away the money as well as financial and personal information.
So, watch out and don't fall for something like this.
To avoid such scams, never share your personal or financial details with anyone, not even to pay for a seemingly legit service. Keep this as a rule of thumb and visit only official sites for any kind of product-related service you may need.
Love Science news?
Subscribe to stay updated.