There’s a new phishing scam targeting iPhone users that aims to steal Apple ID information. These scams, known as “smishing”, are increasingly being sent via text messages, tricking users into revealing sensitive information.
What is Smishing?
Smishing is a form of phishing conducted through SMS (text messages). Scammers send messages that appear to be from a reputable source, such as Apple. The scammers send a text message that presents a sense of urgency, often alerting you about an issue with your account or that you owe money. The scammer’s goal is to trick the target into clicking a link and entering personal information or sending money. Sometimes the link contains malicious software which will infect the target’s device.
How Does the New iPhone Smishing Scam Work?
Scammers pose as Apple and send a text message asking you to click a link to confirm your iCloud information. They even set up CAPTCHA security measures to appear more legitimate. Once you complete the CAPTCHA, you’re directed to a fake iCloud login page. Entering your information gives scammers access to your Apple ID, allowing them to control your devices, access personal and financial information and make unauthorized purchases.
The Rise of Smishing
The Better Business Bureau’s Scam Tracker reported over 9,000 phishing scams last year, nearly double the previous year. Text message scams are becoming more popular than email because people are more likely to open a text.
Avoid Smishing Attacks
To protect yourself from smishing scams, follow these tips:
- Never click links, reply to texts or call numbers from unknown sources.
- Don’t respond to messages asking you to “text STOP” to end messages.
- Delete suspicious texts immediately.
- Keep your phone’s operating system and security apps up to date.
- Consider installing anti-malware software on your phone.
- Use multi-factor authentication for sensitive accounts.
- Talk with your friends and family about smishing so they are aware of the risks.
Verify Suspicious Texts
If you receive a text claiming to be from a company or government agency, verify it by checking your bill for contact information or visiting the company’s official website. Contact them separately to confirm if the text is legitimate.
Stay Vigilant
Always pause before engaging with unexpected texts. Scammers rely on your immediate response to trick you. By staying informed and being cautious, you can protect your personal information from smishing attacks.