Apple Store in Southern California Warning Customers About Fraudulent Phone Calls

Apple is warning customers about unsolicited phone calls claiming to be from the Apple Store at The Americana at Brand shopping complex in Glendale, California, as fraudsters appear to be posing as representatives of the store in a phishing scheme aimed at stealing customer information.


The following automated message plays when calling Apple The Americana:

"Apple is aware that some customers are receiving unsolicited calls claiming to be from this Apple Store. If you receive an unsolicited call, you should not provide any information to the callers. For more information on cybercrime and ways to protect your computer, visit www.fbi.gov/investigate/cyber. Also, if you feel you have been a victim of fraud, please contact your local police. If you would like help changing your Apple ID password, please visit support.apple.com."

Apple did not immediately respond to our question asking if any customer information has been compromised, but it did point us to a previous instance of this warning at its River Park Square store in Spokane, Washington in October 2017.

In that case, the local CBS affiliate KREM 2 reported that customers in Spokane received phone calls from a number that appeared to be the local Apple Store, advising they talk to a "support advisor" who informed customers about a false "breach in cloud security" in an attempt to steal their information.

Our understanding is that Apple temporarily adds this automated message to stores associated with an increase in fraudulent behavior in an effort to protect customers. Apple is far from the only company affected by phishing schemes and offers several tips on how to avoid being victimized.

Apple advises customers who receive an unsolicited call from someone claiming to be from Apple to hang up and contact Apple directly.

This is an opportune moment to remind everyone that phishing attacks can also be in the form of emails, so be very careful when you receive an email that claims to be from Apple, especially if prompted to provide your password or other information. Be sure to contact Apple if you are uncertain about any email.


This article, "Apple Store in Southern California Warning Customers About Fraudulent Phone Calls" first appeared on MacRumors.com


Apple Phishing Scams Growing More Advanced, With Latest Spoofing Apple Phone Numbers

Phishing scams attempting to get info out of Apple users are nothing new, but scammers are growing more clever and scams are getting harder to distinguish from actual Apple communication.

On his Krebs on Security site, security researcher Brian Krebs today outlined one of the latest phishing scams he's seen, where an incoming phone call appears to be from a legitimate Apple support line.

As described by Krebs, Jody Westby, CEO of security consulting firm Global Cyber Risk, received an automated call on her iPhone warning her that services containing Apple user IDs had been compromised.

The message asked her to call a 1-866 number, and in the Phone app, the call looked like a call from Apple, with the number listed as 1(800)MYAPPLE, the name listed as Apple Inc., and with Apple's Infinite Loop website.

Westby contacted Apple support via the official Apple Support page and asked for an employee to contact her. She was assured that the call was not legitimate, but when looking in her recent calls list, she saw that the real support call had been lumped in with the fake call.

Original scam call info on the left, with scam call info lumped in with actual Apple support call on right.

The scammers spoofed Apple's phone number and the iPhone was unable to distinguish between the real and fake calls, making it look like Westby had, in fact, been contacted by Apple multiple times, when that was not the case. Westby told Krebs that this is a convincing scam that people may fall for.

"I told the Apple representative that they ought to be telling people about this, and he said that was a good point," Westby said. "This was so convincing I'd think a lot of other people will be falling for it."

Krebs went ahead and called the number that the scammers had asked Westby to call, where an automated system claimed he had reached Apple Support. A minute later, a person came on the line and asked about the reason for the call. Krebs responded that he was told to call about a breach at Apple, was placed on hold, and the call disconnected with no resolution.

A similar report hit Twitter this morning from Fantastical developer Michael Simmons, who says he received a scam phone call that also spoofed Apple's number.


Krebs believes scammers are aiming to obtain personal and financial details from Apple users to get payment, perhaps for tech support services. As he rightly points out, it is both shocking and concerning that Apple devices are unable to tell the difference between a legitimate call from Apple and someone attempting to spoof Apple.

With these kinds of phone-based scams, it's a good idea to disconnect the call and get in touch with Apple via the actual support site to avoid being fooled. Apple support does not cold call users in this manner, so these calls are almost always fake, but scammers are skilled social engineers and people do fall for these scams.

Apple has a dedicated support page with information on how to avoid fake support calls, phishing emails, and other scam techniques that malicious individuals employ to extract information from Apple users.


This article, "Apple Phishing Scams Growing More Advanced, With Latest Spoofing Apple Phone Numbers" first appeared on MacRumors.com


Developer Demonstrates iOS Phishing Attack That Uses Apple-Style Password Request

Developer Felix Krause today shared a proof of concept phishing attack that's gaining some traction as it clearly demonstrates how app developers can use Apple-style popups to gain access to an iPhone user's Apple ID and password.

As Krause explains, iPhone and iPad users are accustomed to official Apple requests for their Apple ID and password for making purchases and accessing iCloud, even when not in the App Store or iTunes app.


Using a UIAlertController that emulates the design of the system request for a password, developers can create an identical interface as a phishing tool that can fool many iOS users.

"Showing a dialog that looks just like a system popup is super easy, there is no magic or secret code involved, it's literally the examples provided in the Apple docs, with a custom text."

"I decided not to open source the actual popup code, however, note that it's less than 30 lines of code and every iOS engineer will be able to quickly build their own phishing code."

Though some of the system alerts would require a developer to have a user's Apple ID email address, there are also popup alerts that do not require an email and can recover a password.


The phishing method that Krause describes is not new, and Apple vets apps that are accepted to the App Store, but it's worth highlighting for iOS users who may not be aware that such a phishing attempt is possible.

As Krause says, users can protect themselves by being wary of these popup dialogues. If one pops up, press the Home button to close the app. If the popup goes away, it's tied to the app and is a phishing attack. If it remains, it's a system request from Apple.

Krause also recommends users dismiss popups and enter their credentials directly within the Settings app.

Krause has reported the issue to Apple and recommends a fix that would include Apple asking customers to enter their credentials into the Settings app rather than directly through a popup that can be easily mimicked. Alternatively, he suggests credential requests could include an app icon to indicate that an app is asking rather than the system.

As extra protection from attacks like this, Apple customers should enable two-factor authentication as it prevents attackers from being able to log into an Apple ID account without a code from a verified device.

