Got an urgent email from Apple Support? Read this before you click…
As reported by Arstechnica, a new phishing scam targeting iOS users has recently been uncovered. Malicious attackers are combining traditional targeted phishing in conjunction with a fake Apple Care phone number. The attack works as follows:
- User receives a phishing e-mail with an urgent alert about a failed sign in attempt for an Apple ID
- “Check Activity” button is in the e-mail, which when clicked, redirects to a fake Apple Support page
- On the fake Apple Support page, JavaScript is used to activate a link that forces a dialog box that starts a phone call
- The phone call routes to an India-based tech support group that attempts to trick users into enrolling their iOS devices into a malicious MDM (Mobile Device Management) service. If the malicious MDM service is installed, it gives attackers a way to install additional apps on the devices and it can also compromise the integrity/security of the device itself
Rubica proactively blocks known phishing links to help protect users from being redirected to malicious phishing sites like the one the attackers use in this example. With Rubica running on your devices, you can connect safely to the internet from anywhere in the world and have access to our 24/7 cybersecurity experts for anything you need.
Contact us to learn how Rubica can help protect you from phishing scams or any other cyber security matters.
