Original photo by geralt on Pixabay
Security journalist Brian Krebs has uncovered a sophisticated new phishing attack: a call that appears to be from Apple and plays an automated message warning of a data breach (for the last such scam, and additional advice, see “Beware “iCloud Breach” Phone Scam,” 23 May 2018). Fortunately, the scammer called Jody Westby of Global Cyber Risk, who knew to hang up and request a call from Apple Support to see if there really was a breach (there wasn’t, of course). The spoof was so convincing that the iPhone’s recent call list confused the call from the scammer with the calls to and from the real Apple.
The best approach at this point is to accept calls only from people or businesses you know personally or when you’re expecting a call. And in general, if you ever do receive an unsolicited but legitimate-sounding call that claims to be from Apple or some other company, hang up, look up the right number on your own, and call back manually.