Advanced Phishing Attack
George Burke (via John Scott-Railton):
Got a pop up on both my iPhone & Apple Watch about password reset. I didn’t take action. Then received call from 1-800-MY-APPLE.
[…]
“There has been strange Apple ID login attempt activity from a MacBook device located in Sacramento. Can you verify that this login attempt was you?”
“No, that wasn’t me.”
“OK. There may be someone trying to access your account. I’ll place a temp hold while I investigate.”
“…Sir, let me send you a code to your number on file ending in xxxx”
“OK”
“When you receive it, let me know. This will allow me to block further unauthorized access…. Did you receive it?
I posted my car for sale on @facebook this morning, and within 10 minutes I had two scammers. First they ask for your phone number to call you. You give it to them and they say they’re sending a code to confirm you’re real. It’s a Google verification code. Report it, obviously.
Previously:
- PayPal Phishing Scam Invoices
- Hang Up and Call Back
- How Hackers and Scammers Break into iCloud-Locked iPhones
Update (2023-01-05): Mike Rundle:
Just received multiple “A password reset request was sent from a device at the location shown below.” Mac notifications, but the map was blank. Then received it on my iPhone. THEN got a very convincing phone call from this contact pretending it was Apple.
3 Comments RSS · Twitter · Mastodon
On the one hand I'm surprised that a cryptopumper managed to see through a scam, on the other hand it takes one to know one.
We’ve had the same thing happen when posting to Facebook Marketplace. Often it’s this Google Voice scam: https://news.yahoo.com/google-voice-scams-continue-target-180108126.html
According to that source (the “Identity Theft Resource Center”), up to 70% of scams reported to them were related to Google Voice.
We don’t use Google Voice but presumably the scammer was going to create an account authenticated to our cell number.
I've had things like these too. NEVER answer the call. ALWAYS call them directly with the number on their site.