Apple iPhone users have been hit by a new scam which tricks them into handing over sensitive personal information like their credit card details and passwords. It’s only been detected in the UK so far but could be replicated in other countries as well.
The phishing scam starts off with an innocent-looking text message which informs the victim that their Apple ID is about to expire and they should visit a link to stop this from happening. While the tech-savvy among us would know that IDs don’t just expire and the company would never send an SMS to inform you if it did, there are a number of people who could get fooled.
The message itself has the first and last name of the recipient, so it’s easy to see how someone might get taken in. If a person clicks on the link, they’ll be redirected to a bogus Apple ID login page which looks virtually identical to the actual site. It’s meant to con the victim into entering their user ID and password so the information can be passed along to online criminals.
Once the page gets the Apple login data, a dialog informs the user that their account has been locked for security reasons and they must unlock it before signing in. To do so, they’ll have to key in personal details like their birthday, address, credit card information and phone number.
To make things worse, it even asks for the answer to pre-determined questions like their mother’s maiden name, passport number and driving license number. While the best way to prevent this nightmare from taking place is to keep an eye out for such messages, security expert Graham Cluley also advises people to enable two-factor authentication for their Apple ID.