Securing Our Communities: Apple Phone-Based Phishing Scam

Updated: Mar 8, 2019

Each week, the NTIC Cyber Center highlights a different social engineering scam impacting individuals and communities within the National Capital Region. We encourage everyone to share this information with friends, colleagues, and loved ones to help reduce their risk of becoming a victim of financial fraud and identity theft.


(Source: KrebsOnSecurity.com)

A recently discovered Apple phone-based phishing scam uses sophisticated tactics to target Apple users and obtain sensitive personal information such as login credentials and financial information. In this scam, the inbound phone call appears as though it originates from Apple’s customer support number. Along with the phone number, the associated contact card displayed in the target’s recent call list even spoofs other Apple information such as the company’s website address and business location to appear legitimate. If targeted users answer the phone, the fraudsters behind the scheme introduce themselves as Apple customer support personnel and proceed to inform victims that their Apple accounts were compromised in a recent data breach. The scammers then offer assistance, likely requesting personal information, account credentials, or banking details from their victims in the process.


This type of scam could easily fool the most tech-savvy among us, so the NTIC Cyber Center provides the following tips to help our readers recognize the warning signs and avoid being victimized:

  • Apple support technicians will never initiate a phone call to customers to inform them about issues with their devices or accounts. The only time an Apple representative will initiate a call is if a customer schedules a call time via the support page on the company’s website.

  • Remain vigilant when answering unexpected calls, even if the Caller ID shows a familiar name or number. Scammers can alter Caller ID information to make any incoming call appear to originate from a legitimate source.

  • If possible, let unsolicited or unexpected calls transfer to voicemail. If the caller leaves a message, recipients can take the time needed to properly evaluate the legitimacy of the call.

  • If the voicemail message from an unexpected call includes a callback number, do not call it until you have verified the phone number through an online search. If the caller claims to be a representative of a known or reputable organization, use the phone number listed on the organization's official website to return the call.

If you suspect you have answered an Apple scam call or one similar to it, do not answer any questions or provide any personal or financial information to the caller. Hang up immediately.

The NTIC is governed by a privacy, civil rights, and civil liberties protection policy to promote conduct that complies with applicable federal, state, and local laws. The NTIC does not seek or retain any information about individuals or organizations solely on the basis of their religious, political or social views or activities; their participation in a particular noncriminal organization or lawful event; or their race, ethnicities, citizenships, places of origin, ages, disabilities, genders, or sexual orientations. No information is gathered or collected by the NTIC in violation of federal or state laws or regulations.