Do not lose your account to hackers.
Getty Images
Apple warns “targeted attacks” are now being deployed to gain access to user accounts. These hackers “use sophisticated tactics to persuade you to hand over personal details such as sign-in credentials, security codes, and financial information.”
A new alert has been issued as attackers unleash “an ingenious Apple Service hoax,” convincing users “their account is under attack.” This came to light (via Apple Insider) when user Eric Morat “almost lost everything — my photos, my email, my entire digital life” to “the most sophisticated phishing attack I’ve ever seen.”
ForbesOne Click Reveals If Your iPhone Or Android Is Secretly TrackedBy Zak Doffman
The attack was clever — a texted Apple security code followed by an automated call delivering another 2FA code. These were real codes the user had not prompted. And so when an Apple support call followed to warn of an attack, it all seemed real.
While clever, this latest attack triggering Apple’s automated calls and messages at the same time as hackers strike is a variation of a theme — one that has intensified in the last year. Google has been the prime target, now we’re seeing the same with Apple.
As I warned as the Google attacks made headlines, these should have been stopped at first base, because Google tells users its support desk will not call you. It’s that simple.
Apple says exactly the same. “Don’t answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels.”
It doesn’t matter the lure. It should never get to the stage where you’re told to disable 2FA or make a payment or share a password or anything else. Do not take the call — it really is as simple as that. “If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up,” says Apple.
The FBI is very clear on this as well. “Know that legitimate companies will never call you and offer tech support out of the blue. If you get a call like this, hang up.”
ForbesPhone Number Hacks—Google Confirms 2FA Warning For All UsersBy Zak Doffman
If you remember that as a binary, you’ll be protected from these attacks. Whether it’s Apple or Google or a bank or any other organization, hang up and either log in as usual or call a publicly available support number. making sure it’s not a potentially fake phone number in a Google Ad topping a regular search.
If you get one of these calls and there’s an issue, that’s how you handle it.
There won’t be.