Be warned: Tech support scams have become so rampant that numerous YouTubers spend all of their time ratting these fake companies out and wasting the time of the scammers in the process. Most of the time Windows PC users are the target, but I have seen some that try to dupe Mac users as well.
Now it appears that these con artists are trying to break into the mobile scene with convincing warnings and websites targeted at iOS devices. The scammers use a phishing email to direct users to a fake Apple website.
According to Ars Technica, “The intricacy of the phish and the formatting of the webpage could convince some users that their phone has been 'locked for illegal activity' by Apple, luring users into soon clicking to complete the call.”
It appears that the scammers are trying to lure users into signing up for a fraudulent Apple “security service.” However, it really allows the bad actors to push malicious apps to the user’s phone.
The emails are cleverly designed to look like official iCloud communications. One example reads:
“[username], Critical alert for your account ID 7458. Sign-in attempt was blocked for your account [email address]. Someone just used your password to try to sign in to your profile.”
Below the warning was a “Check Activity” button which linked to a compromised website for a men's salon in India.
The user is then redirected through a couple of other sites before landing at an official-looking Apple Support page. However, the domain name "applesecurityrisks" is highly suspicious. This page uses Javascript to trigger a dialog box on an iPhone to place a phone call to “Apple Care.” On other Apple devices, the script tries to launch a FaceTime call.
It also pushes a warning screen to the device saying it has been “locked due to illegal activity” (above image) in the hopes of scaring users into completing the call.
When Sean Gallagher with Ars Technica called the number, he was greeted by someone calling himself "Lance Roger, and he claimed to be an Apple Care technician. Gallagher tried to root out more information during the call but the man got suspicious and hung up on him.
Ars Technica alerted Apple to the scam, and the website has since been tagged as “deceptive” by Google and Apple.
Image courtesy Ars Technica
https://www.techspot.com/news/75733-scammers-starting-target-iphones-clever-phishing-attacks.html
