|

Web mail Webmail Login


0
  • No products in the cart.
Total:$0.00
How a Sophisticated Apple Support Scam Uses Apple’s Own Systems Against You - Compudent Systems
Information Technology Solutions for Dentists and the Dental Industry. Serving the GTA and Southern Ontario.
Dental I/T, Dental Information Technology, Network Security, Toronto, GTA, Dental, Network, I/T, Information Technology, Computer, Data, Abeldent, Dentrix, LiveDDM, Patterson Dental, Henry Schein, K-Dental, Sinclair Dental, Schick CDR, Dexis, Carestream, Carestream Dental, Digital Radiography, X-ray, Dental X-ray, Dental Software Support, Software
16858
bp-nouveau,wp-singular,post-template-default,single,single-post,postid-16858,single-format-standard,wp-theme-bridge,wp-child-theme-bridge-child,theme-bridge,woocommerce-no-js,ajax_fade,page_not_loaded,,columns-4,qode-child-theme-ver-1.0.0,qode-theme-ver-10.0,wpb-js-composer js-comp-ver-4.12,vc_responsive

How a Sophisticated Apple Support Scam Uses Apple’s Own Systems Against You

11 Feb How a Sophisticated Apple Support Scam Uses Apple’s Own Systems Against You

Posted at 00:56h in News by

A recent investigation by Moonlock Lab has shed light on one of the most sophisticated Apple phishing scams we’ve seen to date. What makes this attack so dangerous isn’t just clever social engineering — it’s the fact that scammers are weaponizing Apple’s own security systems to establish trust with their victims.

If you or anyone in your office uses Apple devices, this is worth understanding.

How the Attack Unfolds

The scam was first documented by Eric Moret, a Product Manager at Broadcom Software, who called it one of the most sophisticated phishing attacks he’d ever encountered.

Step 1: Triggering Legitimate Apple Alerts

The attackers begin by attempting to sign in to the victim’s Apple (iCloud) account. The failed login triggers genuine Apple security alerts: SMS messages and pop-up notifications on every Apple device linked to the account. The victim is now primed and anxious.

Step 2: The Spoofed Call from “Apple Support”

Shortly after, the victim receives a phone call from what appears to be a legitimate Apple phone number — in the documented case, the number belonged to the Apple Store in Atlanta, Georgia, a number scammers have been spoofing since at least 2018. The caller identifies themselves as Apple Support and tells the victim their account is under attack.

Step 3: Opening a Real Apple Support Ticket

Here’s where it gets truly devious. The scammer opens an actual Apple Support ticket on the victim’s behalf. The victim receives a legitimate Apple Support email with a real case number. When asked to verify the email and case number, everything checks out — because it’s all real.

“This gave them massive credibility,” Moret said. “Apple’s own systems were sending me official emails confirming their case number.”

Step 4: The Password Reset

With trust established, the scammers guide the victim through resetting their iCloud password. They never ask for the password or codes directly — they’re patient.

Step 5: The Phishing Page

Once the password is reset, the scammer tells the victim they’ll receive a text to “close out” the case. That text leads to a convincing phishing page mimicking Apple’s website. After a series of fake “security checks,” the scammer triggers a real 2FA code from Apple. The victim enters it into the phishing page.

Account compromised.

Why This Scam Is So Effective

The entire attack takes roughly 25 minutes and involves multiple legitimate touchpoints with Apple’s own systems. The victim sees real alerts, receives real emails, and gets a real 2FA code. The only elements controlled by the scammers are the phone calls and the final phishing page.

How to Protect Yourself

  • Never share passwords, verification codes, or 2FA codes with anyone over the phone. Apple will never ask for them.
  • Don’t trust caller ID. Phone numbers can be spoofed to appear as any number.
  • If you receive a suspicious call claiming to be Apple Support, hang up and contact Apple directly through support.apple.com.
  • Be wary of urgency. Scammers create panic to override your judgment.
  • Report phishing attempts to [email protected] and to your local authorities.

If You’ve Been Compromised

  1. Reset your Apple ID password immediately at iforgot.apple.com.
  2. Sign out of all devices using Apple’s official guide.
  3. Review your account for unauthorized changes.
  4. Enable or verify your two-factor authentication settings.
  5. Contact your bank if payment methods are linked to your Apple account.

The Bottom Line

This attack is a reminder that phishing sophistication has reached a level where even security-savvy users can be caught off guard. The scammers aren’t just impersonating Apple — they’re using Apple. The only reliable defense is a firm personal rule: never enter credentials or codes on a page you didn’t navigate to yourself, and never share them with someone who called you.

For the full technical breakdown, read the original investigation at Moonlock Lab.

Tags:
, , , ,


Contact us today - How can we help you?