Apple users are being warned about a sophisticated iPhone scam which can be used to steal credit card and personal details in just seconds.
The phishing scam looks exactly like a familiar pop-up that prompts users to enter their Apple ID password when downloading apps or upgrading the operating system. Once you enter your password scammers can access your personal details.
The scam is particularly alarming as it’s so sophisticated – it’s almost impossible to tell the different.
Can you tell the difference between the real pop-up and the phishing attack below?
Furthermore, as phishing scams within mobile apps are not very common this one is potentially very dangerous as iPhones users are so accustomed to the ‘Enter your Apple ID’ pop-up.
If you’re suspicious, err on the safe side and dismiss the pop-up and go into “Settings” to enter your password there.
How to protect yourself
According to Apple, here are the steps you need to take to protect yourself.
Protect your Apple ID –
- Never share your Apple ID password or temporary verification codes with anyone. Apple will never ask you for this information to provide support.
- Use two-factor authentication to protect your Apple ID. Learn more about security and your Apple ID.
- If you believe that your Apple ID has been compromised, change your password immediately.
If you see pop-up alerts or ads
When you browse the web, you might see a pop-up ad or a page warning you about a problem with your device. It might even look like the alert is coming from macOS or iOS. It isn’t. These alerts are pop-up ads, designed to trick you into calling a phony support number or buying an app that claims to fix the issue. Don’t call the number. Simply close the pop-up ad, or navigate away from that page and continue browsing.
If you get a suspicious phone call or voicemail
Scammers spoof phone numbers and use flattery and threats to pressure you into giving them information, money, and even iTunes gift cards. Always verify the caller's identify before you provide any personal information. If you get an unsolicited call from someone claiming to be from Apple, hang up and contact us directly.
If you receive a phishing email or text message
Scammers try to copy email and text messages from legitimate companies to trick you into entering personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly.
These signs can help you identify phishing scams:
- The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
- Your email address or phone number is different from the one that you gave that company.
- The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
- A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.
- The message looks significantly different from other messages that you’ve received from the company.
- The message requests personal information, like a credit card number or account password.
- The message is unsolicited and contains an attachment.