APPLE has urged iPhone owners to keep their eyes peeled for five red flags that are tell tale signs of a scam.
It comes as a new SMS attack targeting Apple customers spreads across the US.
In a recently updated security support page, Apple explains that phishing is a common tactic in social engineering.
The practice aims to get you to reveal important information about yourself, that will in turn be used to scam you.
Scammers will use any means they can to trick you into sharing information or giving them money, according to Apple, including:
- Fraudulent emails and other messages that look like they’re from legitimate companies, including Apple.
- Misleading pop-ups and ads that say your device has a security problem.
- Scam phone calls or voicemails that impersonate Apple Support, Apple partners, and other well known or trusted entities or individuals.
- Fake promotions that offer free products and prizes.
- Unwanted Calendar invitations and subscriptions.
“If you’re suspicious about an unexpected message, call, or request for personal information, such as your email address, phone number, password, security code, or money, it’s safer to presume that it’s a scam — contact that company directly if you need to,” Apple writes.
Steering clear of these five red flags will help protect Apple customers from phishing campaigns, like the one currently trying to steal Apple IDs.
A new phishing campaign involves Apple customers receiving a SMS text saying something along the lines of: Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.
The link goes to a malicious website with a fake iCloud login template that will send your email and password straight to scammers.
Apple has reminded customers of eight Do’s and Don’t’s to avoid scams that target your account and devices, including:
- Never share personal data or security information like passwords or security codes, and never agree to enter them into a webpage that someone directs you to.
- Protect your Apple ID. Use two-factor authentication, always keep your contact information secure and up to date, and never share your Apple ID password or verification codes with anyone. Apple never asks for this information to provide support.
- Never use Apple Gift Cards to make payments to other people.
- Learn how to identify legitimate Apple emails about your App Store or iTunes Store purchases. If you send or receive money with Apple Cash (U.S. only), treat it like any other private transaction.
- Learn how to keep your Apple devices and data secure.
- Download software only from sources you can trust.
- Don’t follow links or open or save attachments in suspicious or unsolicited messages.
- Don’t answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels.
If you believe that your Apple ID has been compromised, it is recommended you immediately change your Apple ID password.
If you might have entered your password or other personal information into a scam website, you must also change your password.
Apple also urged customers to ensure that two-factor authentication is enabled on their accounts.
What is phishing?
HERE’s what you need to know:
- Phishing is a type of online fraud
- It’s typically an attempt to nab some of your data
- Phishing generally involves scammers posing as a trustworthy entity
- For instance, fraudsters could send you an email claiming to be your bank, asking for details
- Scammers can also set up fake websites that look like real ones, simply to hoodwink you
- Phishing can take place over email, social media, texts, phone calls and more
- The best defence against phishing is to be generally sceptical of weblinks and emails, especially if they were unsolicited