New iOS Text Messaging SCAM

• A new iPhone text messaging scam has been identified doing the rounds as part of an effort to trick unsuspecting users into parting with sensitive account information.
• It seems that the message itself is enough official-looking to convince some people to follow the embedded URL and provide their own Apple ID and linked password in the hope of preventing their account from being terminated by Apple.
• Most recent case, rather than try to convince the user that an Apple ID is “about to expire”, this latest scam goes a step further to try and scare the receiver into action by informing them outright that their iCloud ID has actually been deactivated.

How it works?

• Rather than using the native alert view system to trick the user into interacting with the pop-up and then running a malicious code, this new scam is making its way onto users’ iPhones through simple texts in the hope of conning people into trusting the contents of the message.
• The type of scam being explored by this phishing method isn’t just limited to grabbing Apple ID details, it is also looking to get a hold of a user’s bank and credit card details.
• One of the key components of the text message that instantly breeds trust amongst those who receive it, is the fact that it is actually personalized with the receiver’s full name. That in itself suggests that the perpetrators behind the scam have actually purchased or received a database of names and numbers from a currently unknown source.
• The message continues to warn the receiver that his/her Apple account could be terminated if the URL isn’t followed and the account details aren’t confirmed. Of course, Apple warns against this type of attack on its support websites, and would never actually request account details in such a manner.
• The text message then provides a URL for the user which requests an ID and password to be entered to “confirm” the account. The fact that the message is actually personalized with the receivers name adds an air of believability to the whole scam.

Here’s what this malicious text message in question looks like:

"[Name], Your iCloud ID has been deactivated. To reactivate your account confirm your details here: – Apple.”

What you need to do?

  • Apple never issue text messages or emails requesting full account details to be issued by reply, and advises that “most often” attachments and non-Apple links in correspondence are “malicious and should not be opened”. If you receive this message, delete it instantly and do not tap the link.
    Who is impacted?

• Anyone with iOS device with text messaging service (iPhones)

What you need to do to protect yourself?
This isn’t the first time that scams of this nature have attacked iOS users, and it’s very naive to believe that it will be the last. Thisi is the latest method, and is most definitely one that should be avoided at all costs.

• Please note that Apple do not send text messages to ask you, to sign in to your Apple Account.
• Do not tap on any unknown links received via text message from unknown sender.
• Always make sure that you manage your Apple ID with appropriate recovery questions and secure 2 factor authentication.