AppleCare+ users looking for help or an extended warranty have been the target of a malicious operation. Scammers easily create fake messages that look a lot like real Apple emails, notifications, or help requests.
Google advertising is used to trick people into visiting counterfeit GitHub websites owned by Microsoft. To steal money from careless people, scammers pose as Apple staff and use social engineering.
Read also: Nigeria’s Communications Commission launches Device Management System to regulate mobile devices
How do scams operate effectively?
This scam starts when users search for Apple support online. Google, which reportedly paid Apple $20 billion as the default search engine, displays adverts on Safari due to a profitable arrangement.
These “Sponsored” results may show above authentic Apple contact information. In certain circumstances, many fraudulent adverts precede accurate results.
When users click on these misleading advertisements, they are taken to a bogus page that claims to be the AppleCare+ customer assistance page. Users are encouraged to phone a toll-free number that is assumed to be associated with Apple on this page.
On the other hand, victims are instantly connected to fraudsters operating from call centres in other countries. GitHub hosts the false customer support pages, which are standalone HTML templates that use Apple’s branding. This gives the impression that the pages are authentic.
Scammers exploit GitHub: stay informed
The scammers use Multiple GitHub accounts with fake templates that fool users with Apple branding. According to GitHub’s commit history, scammers can easily shift phone numbers during active campaigns if reported and blocked.
These pages contain “autoDial,” an intriguing piece of code that opens the phone dialogue menu, decreasing the number of clicks victims need to connect with Apple impersonators.
As a result of this problem, GitHub shut down the accounts that were reported as being criminal. One problem that keeps coming up is how easy it is for scammers to make new accounts and themes.
Read also: Reolink’s battery security camera records for days, no fees
Fraud Prevention: Staying One Step Ahead
Malwarebytes says this scam is especially dangerous because it uses harmful Google ads and fake pages that look like the real thing.
Scammers use users’ loyalty to Apple’s brand to trick them into thinking they are speaking with real support representatives. Financially, victims may be duped out of hundreds or thousands of dollars, so the risks are substantial.
Scammers typically want victims to withdraw money from their bank accounts and pay it to them.
Fakers may ask for the victim’s name, address, social security number, and banking information. With this information, criminals can commit identity theft or blackmail.
Cybercriminals are trying to trick AppleCare+ users with malicious links. Mind you, scammers are constantly changing how they trick people, but if you stay thoughtful and careful, you will have a much lower chance of falling for these schemes.