It may be a new year but there appears to be no let up in the relentless onslaught of phishing scams. If anything, they appear to be getting more sophisticated judging by our latest scam of the week.
iPhone users have been targeted with a new type of phone-based phishing scam that’s cleverly disguised as a legitimate voice call from Apple support.
The scam starts with an automated call that displays Apple’s official logo, address and real telephone number. The user is then warned about a security breach within the company and asked to immediately call back using a dedicated support number.
The scam is so convincing that if an iPhone user requests a call back from an Apple support representative, the fake call gets indexed in the recent calls list and the phone is unable to differentiate between the fake call and a legitimate one.
The unsuspecting user will then be asked to provide their personal details or financial information, depending on the different variations of the scam.
In response to the scam, Apple provided advice to its customers on what they should do if they receive a suspicious call or voicemail message: “Scammers spoof phone numbers and use flattery and threats to pressure you into giving them information, money, and even iTunes gift cards.
“Always verify the caller’s identity before you provide any personal information. If you get an unsolicited call from someone claiming to be from Apple, hang up and contact us directly.”
The scam highlights just how vigilant users need to be when receiving phone calls out of the blue. There has been a huge increase in the number of phone-based phishing scams using ‘number spoofing’.
This is where fraudsters use sophisticated technology to alter the phone number they’re calling from. The number will appear exactly the same as an official company number, making it extremely difficult to determine if the call is legitimate or a well-crafted phishing scam.
To avoid being tricked by a voice phishing call:
- Be wary of phone calls from unknown numbers – If a call comes out of the blue from a number you’re not familiar with, treat the call as suspicious.
- Never give out personal information over the phone – Legitimate organisations will never ask you to disclose personal information such as a pin, password or bank account details over the phone.
- Hang up – If you’re feeling intimidated or harassed by the call then hang up immediately. A common tactic is to create a sense of urgency, so you feel pressurised into action.
- Ring the organisation directly – If you think the phone call is a scam then hang up the phone and ring the organisation directly. Source the official number yourself and never call back using the number the caller has given you.
- Consider using a call blocking device – If you’re getting pestered with calls from unknown numbers, it may be wise to invest in a call blocking device to filter out unwanted calls.
Despite the increasing sophistication of phishing attacks there are a number of ways you can protect yourself online. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combating cyber-crime. Get in touch for further information on how we can help your business.