Apple fans are being warned to stay alert following the discovery of an online scam promising early access to the rumored iPhone 12.
Experts at security firm Sophos have warned about a “smishing” scam that lures victims in to thinking they are getting an early look at Apple’s next smartphone, but instead end up having their bank accounts raided.
The company is now warning users to take extra care when clicking on links in both SMS messages and emails, with criminals looking to spread their activity using a variety of methods.
Smishing scam
Sophos revealed that the scam starts with an SMS message that lures victims in with information about a fake delivery at an address different to theirs. If the victim clicks on the link in the SMS, they are taken to a website where they are greeted with messages from a fake Apple chatbot which says they were chosen to take part in an iPhone 12 trial.
This eventually redirects the victim to one of a number of different scams sites, which claims there is a courier delivery charge for the “free” phone. This is typically between £1 and £2, again helping to lure victims in with a low cost, but accepting this takes the victim to a credit card payment form that’s hosted on what looks like a “special offers” website.
This site may seem secure, and even boasts an HTTPS security padlock, but anyone looking to pay is just handing over your personal data, including your full card number and security code, to the criminals, giving them access to your accounts.
“Friends don’t let friends get scammed,” says Paul Ducklin, Principal Research Scientist at Sophos. “That’s why we deconstructed this smishing scam in detail and made a video of the process. You can show it to the people who rely on you for advice about cybersecurity and let them see how it plays out – without having to click through yourself.”
Comments are closed.