New Phishing Scam Targeting Apple Users
A phishing scam is gaining traction that utilizes legitimate Apple support tickets to mislead users into relinquishing their accounts. Eric Moret from Broadcom recounted his near loss of his Apple account due to what seemed like official communications. In an in-depth post on Medium, he detailed the step-by-step process of how the scam unfolded.
This scam is particularly striking because the fraudsters exploit Apple’s own support system to make their messages look credible. From the initial alert to the final call, everything appears polished and professional. Here’s how the scam unfolded:
How the Scam Begins
Moret first received multiple warnings. This included two-factor authentication notifications alerting him to unauthorized access attempts on his iCloud account. Moments later, he received a call from someone claiming to be an Apple agent, who was friendly and assured him they could help.
The entire setup was disarmingly convincing. The scammers exploited a loophole in Apple’s support system, allowing them to generate real support tickets without any authentication. They lodged a genuine Apple Support complaint in Moret’s name, triggering an official email from an Apple domain. This immediate level of trust disarmed his initial suspicions.
Gaining Access
During a 25-minute call, the phony agent guided Moret through steps to secure his account. He was instructed to reset his iCloud password and directed to follow a link to resolve the issue.
This link took him to a fraudulent site called Appealapple.com, which looked legitimate and falsely assured him that his account was secure. He was prompted to input a six-digit verification code sent via text to complete the process.
Once he entered the code, the scammers gained access to his account.
Afterward, Moret received a notice stating that his Apple ID had been used to sign into a Mac mini that he didn’t own. This triggered alarm bells. The person on the line downplayed the situation, but trusting his instincts, Moret reset the password once more, successfully blocking the intruder.
Protecting Yourself from Ticket Scams
This type of scam thrives on its authentic feel. The communication appears official, and the caller seems trained. Yet, you can take steps to safeguard yourself by recognizing signals that all is not right.
1) Check Your Support Ticket
Scammers create seemingly legitimate tickets to make the experience feel genuine. Verify authenticity by logging into appleid.apple.com or the Apple Support app. If you don’t see a case number, the message is likely fraudulent, even if it came from an Apple domain.
2) Call Apple Directly
Never continue a call you didn’t start. Scammers often rely on lengthy conversations to build trust. Immediately hang up and reach Apple Support at 1-800-275-2273 or through the app. A real agent can quickly verify if there are any issues.
3) Review Your Apple ID Devices
If anything feels off, check the devices associated with your account. Go to Settings, tap your name, and scroll to see all devices linked to your Apple ID. Remove any that look unfamiliar, as this can quickly thwart an attacker.
4) Keep Your Verification Code Private
Legitimate support agents will never ask for your two-factor authentication code. Treat any request for it as a warning sign.
5) Scrutinize All Links
Examine URLs carefully. Fake websites often use elaborate tricks to seem legitimate. Apple will never direct you to a URL like Appealapple.com.
6) Use Reliable Antivirus Software
Robust antivirus software can detect harmful links and unsafe sites, as well as fake support messages. Anti-phishing tools are especially crucial here, as fraudsters leverage real ticket emails to deceive their victims.
7) Employ a Data Deletion Service
Data brokers gather personal details that scammers can exploit. Data deletion services help remove this information from broker sites, reducing the risk of targeted attacks. While these services aren’t foolproof, they can significantly decrease your online exposure.
8) Enable Multi-Layer Protection
Always keep two-factor authentication (2FA) enabled on vital accounts. This offers an essential barrier against unauthorized access.
9) Take a Moment Before Acting
Scammers thrive on urgency. If something feels rushed or out of the ordinary, pause and trust your instincts. A brief delay could save your account.
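The link check from tip 5 can be automated by judging a link on the host it actually resolves to rather than on whether "apple" appears in it. The sketch below is an added example, not code from Moret's post or from Apple; the trusted-domain list, the function names, the /verify path and the sample message are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: apple.com is the only domain treated as genuine
# (appleid.apple.com from tip 1 is a subdomain of it).
TRUSTED_DOMAINS = {"apple.com"}
BRAND = "apple"
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def classify_link(url):
    """Classify a link by the host the browser would actually contact."""
    try:
        parts = urlsplit(url if "://" in url else "https://" + url)
    except ValueError:
        return "invalid"
    # .hostname lowercases the host and drops any "user@" prefix and port, so
    # "https://apple.com@other.example/" is judged on other.example.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "invalid"
    for domain in TRUSTED_DOMAINS:
        # Exact match or a true subdomain; the leading dot stops
        # "appealapple.com" from passing as "...apple.com".
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # The brand name inside a host that is not under a trusted domain is the
    # pattern the article describes. Homoglyph (IDN) hosts are not covered.
    if BRAND in host.replace("-", ""):
        return "lookalike"
    return "unrelated"


def review_message(text):
    """Return (url, verdict) for every http(s) link found in a message body."""
    return [(u.rstrip(".,)"), classify_link(u.rstrip(".,)")))
            for u in URL_RE.findall(text)]


# Constructed sample message; only Appealapple.com comes from the article.
SAMPLE = (
    "Your case is open. Review it at https://appleid.apple.com/ or "
    "confirm here: https://Appealapple.com/verify. "
    "Mirror: https://apple.com@appealapple.com/verify"
)

if __name__ == "__main__":
    for url, verdict in review_message(SAMPLE):
        print(f"{verdict:10} {url}")
```

A "lookalike" verdict means only that the host mentions the brand without belonging to it, so unrelated names such as pineapple.com are flagged too and need a human look.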
Key Takeaways
This situation underscores how convincingly criminals can exploit real systems. Even those who consider themselves cautious can fall for messages that appear trustworthy. The best defense is to remain vigilant and take a moment before acting hastily. Double-checking your support tickets and safeguarding your verification code will reduce your likelihood of being scammed. Adding layers of protection, such as antivirus software and data deletion services, enhances control over what attackers can see. Adopting these simple habits can significantly mitigate the risks posed by even the most sophisticated scams.





