[ad_1]
As phishing scams become more and more sophisticated and able to mimic the marks they imitate, it becomes more and more difficult for a recipient (even informed) to identify some of the warning signs of fraud. A new report suggests that fraudsters have found a way to even manipulate caller IDs to make them look like those of Apple's support.
• The Marriott hotel network declines the estimate of people affected by historical data leaks
• Hackers leaked personal data from Angela Merkel and hundreds of German politicians [19659002] Security researcher Brian Krebs reported on an iPhone touched by Jody Westby, CEO of a cyber security consulting firm. According to Krebs, Westby "would have received an automated call on his iPhone, warning him that several servers containing Apple's user IDs had been compromised," prompting him to dial 1- 866. This may seem like a sufficient warning sign to ignore the call, except that your caller ID has appeared on your phone with Apple's support number, web address, and physical address. In addition, your phone was not supposed to tell the difference between the fraudulent call and the Apple support line. According to the Krebs Report:
Westby stated that she immediately went to the Apple.com support page (https://www.support.apple.com) and asked a person customer support to call back to it. The page displayed a "case identifier" to track your request, and a few minutes later, a person from the real Apple Inc. called and had indicated the case identification number at the beginning of l & # 39; call.
Westby said that the Apple agent told him that the company had not contacted her, that the call was almost certainly a coup d'etat and that Apple would never do it – everything she already knew. However, when Westby viewed the list of recent calls from her iPhone, she found that Apple's legitimate call had been placed next to the fraudulent link that she claimed was Apple.
Krebs stated that she had contacted the number provided to Westby at the following address: automated message and was briefly connected to someone before the call was disconnected. The security researcher stated that he thought the scheme was aimed at soliciting personal or financial information from unsuspecting victims.
This appeal is disturbing, as noted by Krebs, by his apparent ability to deceive Apple or AT & T devices – or both – in order to group the calls to blow with line lines. legitimate badistance. Westby may have been alerted by a number of suspicious clues, but she told Krebs that the "call" was so convincing that I thought a lot of people would fall into it. "
The coup targeting Apple's customers via calls seems particularly sophisticated. but even those with obvious warning signs can attract unsuspecting targets. Earlier this week, a phishing system posing as a PayPal toast was promoted to Twitter for at least 30 minutes before being removed. And in December, the US Federal Trade Commission warned of a phishing scandal under the Netflix support email. In most cases, these schemes are a game of numbers on the part of coup manufacturers.
As Krebs points out, if a call raises the slightest concern that a device has been damaged, the best thing to do is to contact the online support on the company's website to avoid any problems. being a victim of false figures that can appear when handling search engines.
[KrebsOnSecurity via TechCrunch]
Source link
