{"id":38057,"date":"2023-01-04T20:27:49","date_gmt":"2023-01-05T01:27:49","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=38057"},"modified":"2023-01-05T16:08:09","modified_gmt":"2023-01-05T21:08:09","slug":"advanced-phishing-attack","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2023\/01\/04\/advanced-phishing-attack\/","title":{"rendered":"Advanced Phishing Attack"},"content":{"rendered":"<p><a href=\"https:\/\/twitter.com\/geoburke\/status\/1608253982387933184\">George Burke<\/a> (via <a href=\"https:\/\/twitter.com\/jsrailton\/status\/1609019350446641154\">John Scott-Railton<\/a>):<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/geoburke\/status\/1608253982387933184\">\n<p>Got a pop up on both my iPhone &amp; Apple Watch about password reset. I didn&rsquo;t take action. Then received call from 1-800-MY-APPLE.<\/p>\n<p>[&#8230;]<\/p>\n<p>&ldquo;There has been strange Apple ID login attempt activity from a MacBook device located in Sacramento. Can you verify that this login attempt was you?&rdquo;<\/p>\n<p>&ldquo;No, that wasn&rsquo;t me.&rdquo;<\/p>\n<p>&ldquo;OK. There may be someone trying to access your account. I&rsquo;ll place a temp hold while I investigate.&rdquo;<\/p>\n<p>&ldquo;&#8230;Sir, let me send you a code to your number on file ending in xxxx&rdquo;<\/p>\n<p>&ldquo;OK&rdquo;<\/p>\n<p>&ldquo;When you receive it, let me know. This will allow me to block further unauthorized access&#8230;. Did you receive it?<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/davekopec\/status\/1609209173211742209\">David Kopec<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/davekopec\/status\/1609209173211742209\"><p>I posted my car for sale on \n@facebook\n this morning, and within 10 minutes I had two scammers. First they ask for your phone number to call you. You give it to them and they say they&rsquo;re sending a code to confirm you&rsquo;re real. It&rsquo;s a Google verification code. Report it, obviously.<\/p><\/blockquote>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2022\/09\/05\/paypal-phishing-scam-invoices\/\">PayPal Phishing Scam Invoices<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2022\/02\/03\/hang-up-and-call-back\/\">Hang Up and Call Back<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2019\/02\/08\/how-hackers-and-scammers-break-into-icloud-locked-iphones\/\">How Hackers and Scammers Break into iCloud-Locked iPhones<\/a><\/li>\n<\/ul>\n\n<p id=\"advanced-phishing-attack-update-2023-01-05\">Update (2023-01-05): <a href=\"https:\/\/twitter.com\/flyosity\/status\/1610745444648239105\">Mike Rundle<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/flyosity\/status\/1610745444648239105\">\n<p>Just received multiple &ldquo;A password reset request was sent from a device at the location shown below.&rdquo; Mac notifications, but the map was blank. Then received it on my iPhone. THEN got a very convincing phone call from this contact pretending it was Apple.<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>George Burke (via John Scott-Railton): Got a pop up on both my iPhone &amp; Apple Watch about password reset. I didn&rsquo;t take action. Then received call from 1-800-MY-APPLE. [&#8230;] &ldquo;There has been strange Apple ID login attempt activity from a MacBook device located in Sacramento. Can you verify that this login attempt was you?&rdquo; &ldquo;No, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2023-01-05T01:27:56Z","apple_news_api_id":"e3c2604e-b908-43ca-8802-92559d616fe1","apple_news_api_modified_at":"2023-01-05T21:08:12Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAQ==","apple_news_api_share_url":"https:\/\/apple.news\/A48JgTrkIQ8qIApJVnWFv4Q","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[707,25,31,2185,1200,2090,96],"class_list":["post-38057","post","type-post","status-publish","format-standard","hentry","category-technology","tag-apple-id","tag-facebook","tag-ios","tag-ios-16","tag-phishing","tag-two-factor-authentication-2fa","tag-web"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/38057","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=38057"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/38057\/revisions"}],"predecessor-version":[{"id":38072,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/38057\/revisions\/38072"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=38057"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=38057"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=38057"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}