Los Angeles, CA – iPhone users in the United States are being targeted by a new cyberattack aimed at stealing their Apple IDs through a phishing campaign, according to a security software company alert released on Monday. Symantec reported that cyber criminals are sending text messages to iPhone users that appear to be from Apple, urging recipients to click on a link and sign in to their iCloud accounts.
The phishing scheme, known as “smishing,” tricks individuals into sharing personal information like account passwords and credit card data through fake text messages. These messages, appearing to be from Apple, prompt users to complete a CAPTCHA challenge before directing them to a fraudulent iCloud login page.
Symantec, owned by Broadcom, highlighted the importance of being cautious while interacting with messages that seem suspicious or come from unknown sources. Users are advised to verify the sender of the message, especially when it comes from a random phone number claiming to be Apple.
To protect themselves, iPhone users should avoid clicking on any links in messages requesting access to their iCloud account and instead visit login pages directly. Additionally, Apple recommends enabling two-factor authentication for enhanced security, ensuring that only the account owner can access their information.
Apple stressed that their support representatives would never send users links requesting sign-ins or personal information such as passwords, device passcodes, or authentication codes. It’s crucial to stay vigilant and terminate contact with anyone claiming to be from Apple if they request such information, as they are likely engaging in a social engineering scam.
The Federal Trade Commission suggests setting up automatic updates for security software on computers and mobile phones to prevent falling victim to phishing scams. By staying informed and cautious, users can protect themselves from potential cyber threats and safeguard their personal information from malicious actors.